def test_username_config_bypass(self):
ssh_command_line.context.config["SSHOptions"]["require_explicit_username"] = False
cmdline = "ssh host -p2222 -v"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline + " -oPubkeyAuthentication=no -oUserKnownHostsFile=/dev/null -T")
def test_username_l_option_2(self):
cmdline = "echo ls |ssh host -p2222 -v -T -l user -oPubkeyAuthentication=no -oUserKnownHostsFile=/dev/null ; " \
"echo 'Done!'&"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline)
def test_complex_case(self):
cmdline = "torify ssh root@host -p2222 &"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], "torify ssh root@host -p2222 -oPubkeyAuthentication=no "
"-oUserKnownHostsFile=/dev/null -T &")
def test_option_config_bypass(self):
ssh_command_line.context.config["SSHOptions"]["force_disable_pty_allocation"] = False
ssh_command_line.context.config["SSHOptions"]["prevent_ssh_key_leaks"] = False
ssh_command_line.context.config["SSHOptions"]["disable_known_hosts"] = False
cmdline = "ssh root@host -p2222 -v"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline)
def test_username_config_bypass(self):
old = ssh_command_line.context.config["SSHOptions"]["require_explicit_username"]
ssh_command_line.context.config["SSHOptions"]["require_explicit_username"] = False
cmdline = "ssh host -p2222 -v"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline + " -T")
ssh_command_line.context.config["SSHOptions"]["require_explicit_username"] = old
def test_T_option_config_bypass(self):
old = ssh_command_line.context.config["SSHOptions"]["force_disable_pty_allocation"]
ssh_command_line.context.config["SSHOptions"]["force_disable_pty_allocation"] = False
cmdline = "ssh root@host -p2222 -v"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline)
ssh_command_line.context.config["SSHOptions"]["force_disable_pty_allocation"] = old
def test_standard_case(self):
cmdline = "ssh root@host -p2222 -v"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline + " -oPubkeyAuthentication=no -oUserKnownHostsFile=/dev/null -T")
def test_username_complex(self):
cmdline = "echo ls |ssh host -p2222 -v ; echo 'Done!'&"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.CANCEL)
self.assertEqual(result[1], None)
def test_username_standard(self):
cmdline = "ssh host -p2222 -v"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.CANCEL)
self.assertEqual(result[1], None)
def test_not_really_ssh(self):
cmdline = "mv ~/.ssh/id_rsa ssh"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline)
def test_no_ssh(self):
cmdline = "ls -l |grep passwords > /tmp/pass"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline)
def test_option_already_present(self):
cmdline = "ssh root@host -oPubkeyAuthentication=no -oUserKnownHostsFile=/dev/null -T -p2222 -v"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline)
def test_standard_case(self):
cmdline = "ssh root@host -p2222 -v"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline + " -T")
def test_username_not_applicable(self):
cmdline = "find . -name ls |base64"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline)
def test_pubkey_explicit(self):
cmdline = "ssh root@host -p2222 -vT -oUserKnownHostsFile=yolo -i ~/.ssh/id_rsa"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline)
def test_option_already_present(self):
cmdline = "ssh root@host -T -p2222 -v"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline)
def test_complex_case(self):
cmdline = "torify ssh root@host -p2222 &"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], "torify ssh root@host -p2222 -T &")
def test_pubkey_authentication_present(self):
cmdline = "ssh root@host -p2222 -vT -oPubkeyAuthentication=yolo -oUserKnownHostsFile=yolo"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline)
def test_username_l_option(self):
cmdline = "echo ls |ssh host -p2222 -v -T -oPubkeyAuthentication=no -lroot ; echo 'Done!'&"
p = SSHOptions()
result = p.apply(cmdline)
self.assertEqual(result[0], ProcessorAction.FORWARD)
self.assertEqual(result[1], cmdline)