[v8,04/13] tests: Add a test key pair

Message ID	20170918024402.3265-5-famz@redhat.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 2F87587649 From: Fam Zheng <famz@redhat.com> To: qemu-devel@nongnu.org Date: Mon, 18 Sep 2017 10:43:53 +0800 Message-Id: <20170918024402.3265-5-famz@redhat.com> In-Reply-To: <20170918024402.3265-1-famz@redhat.com> References: <20170918024402.3265-1-famz@redhat.com> Subject: [Qemu-devel] [PATCH v8 04/13] tests: Add a test key pair Precedence: list Cc: Peter Maydell <peter.maydell@linaro.org>, Fam Zheng <famz@redhat.com>, Cleber Rosa <crosa@redhat.com>, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= <f4bug@amsat.org>, Kamil Rytarowski <kamil@netbsd.org>, stefanha@redhat.com, pbonzini@redhat.com, =?utf-8?q?Alex_Benn=C3=A9e?= <alex.bennee@linaro.org> Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
Series	tests: Add VM based build tests (for non-x86_64 and/or non-Linux) \| expand [v8,00/13] tests: Add VM based build tests (for non-x86_64 and/or non-Linux) [v8,01/13] gitignore: Ignore vm test images [v8,02/13] qemu.py: Add "wait()" method [v8,03/13] scripts: Add archive-source.sh [v8,04/13] tests: Add a test key pair [v8,05/13] tests: Add vm test lib [v8,06/13] tests: Add ubuntu.i386 image [v8,07/13] tests: Add FreeBSD image [v8,08/13] tests: Add NetBSD image [v8,09/13] tests: Add OpenBSD image [v8,10/13] Makefile: Add rules to run vm tests [v8,11/13] MAINTAINERS: Add tests/vm entry [v8,12/13] tests: Add README for vm tests [v8,13/13] docker: Use archive-source.py

Message ID

20170918024402.3265-5-famz@redhat.com

State

New

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 2F87587649
From: Fam Zheng <famz@redhat.com>
To: qemu-devel@nongnu.org
Date: Mon, 18 Sep 2017 10:43:53 +0800
Message-Id: <20170918024402.3265-5-famz@redhat.com>
In-Reply-To: <20170918024402.3265-1-famz@redhat.com>
References: <20170918024402.3265-1-famz@redhat.com>
Subject: [Qemu-devel] [PATCH v8 04/13] tests: Add a test key pair
Precedence: list
Cc: Peter Maydell <peter.maydell@linaro.org>, Fam Zheng <famz@redhat.com>,
	Cleber Rosa <crosa@redhat.com>, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?=
	<f4bug@amsat.org>, Kamil Rytarowski <kamil@netbsd.org>,
	stefanha@redhat.com, 	pbonzini@redhat.com, =?utf-8?q?Alex_Benn=C3=A9e?=
	<alex.bennee@linaro.org>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Series

tests: Add VM based build tests (for non-x86_64 and/or non-Linux) | expand

Commit Message

Fam Zheng Sept. 18, 2017, 2:43 a.m. UTC

This will be used by setup test user ssh.

Signed-off-by: Fam Zheng <famz@redhat.com>
---
 tests/keys/id_rsa     | 27 +++++++++++++++++++++++++++
 tests/keys/id_rsa.pub |  1 +
 2 files changed, 28 insertions(+)
 create mode 100644 tests/keys/id_rsa
 create mode 100644 tests/keys/id_rsa.pub

Comments

Eric Blake Sept. 18, 2017, 3:17 p.m. UTC | #1

On 09/17/2017 09:43 PM, Fam Zheng wrote:
> This will be used by setup test user ssh.

Shouldn't the commit message have more details about WHY we are checking
in a private key? The conversation last time included useful gems such as:

Some guests require the key to exist prior to provisioning the guest,
and reusing a pre-built key avoids consuming entropy every time the
testsuite is run.  Because the private key is well-known, care must be
taken to use the key ONLY in situations that cannot be compromised by
external network clients.

> 
> Signed-off-by: Fam Zheng <famz@redhat.com>
> ---
>  tests/keys/id_rsa     | 27 +++++++++++++++++++++++++++
>  tests/keys/id_rsa.pub |  1 +
>  2 files changed, 28 insertions(+)
>  create mode 100644 tests/keys/id_rsa
>  create mode 100644 tests/keys/id_rsa.pub
>

Fam Zheng Sept. 19, 2017, 2:10 a.m. UTC | #2

On Mon, 09/18 10:17, Eric Blake wrote:
> On 09/17/2017 09:43 PM, Fam Zheng wrote:
> > This will be used by setup test user ssh.
> 
> Shouldn't the commit message have more details about WHY we are checking
> in a private key? The conversation last time included useful gems such as:
> 
> Some guests require the key to exist prior to provisioning the guest,
> and reusing a pre-built key avoids consuming entropy every time the
> testsuite is run.  Because the private key is well-known, care must be
> taken to use the key ONLY in situations that cannot be compromised by
> external network clients.

Yeah. Not everyone looks at the commit message, I'll add a tests/keys/README to
document that.

Fam

diff --git a/tests/keys/id_rsa b/tests/keys/id_rsa
new file mode 100644
index 0000000000..2933eac3db
--- /dev/null
+++ b/tests/keys/id_rsa
@@ -0,0 +1,27 @@ 
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAopAuOlmLV6LVHdFBj8/eeOwI9CqguIJPp7eAQSZvOiB4Ag/R
+coEhl/RBbrV5Yc/SmSD4PTpJO/iM10RwliNjDb4a3I8q3sykRJu9c9PI/YsH8WN9
++NH2NjKPtJIcKTu287IM5JYxyB6nDoOzILbTyJ1TDR/xH6qYEfBAyiblggdjcvhA
+RTf93QIn39F/xLypXvT1K2O9BJEsnJ8lEUvB2UXhKo/JTfSeZF8wPBeowaP9EONk
+7b+nuJOWHGg68Ji6wVi62tjwl2Szch6lxIhZBpnV7QNRKMfYHP6eIyF4pusazzZq
+Telsq6xI2ghecWLzb/MF5A+rklsGx2FNuJSAJwIDAQABAoIBAHHi4o/8VZNivz0x
+cWXn8erzKV6tUoWQvW85Lj/2RiwJvSlsnYZDkx5af1CpEE2HA/pFT8PNRqsd+MWC
+7AEy710cVsM4BYerBFYQaYxwzblaoojo88LSjVPw3h5Z0iLM8+IMVd36nwuc9dpE
+R8TecMZ1+U4Tl6BgqkK+9xToZRdPKdjS8L5MoFhGN+xY0vRbbJbGaV9Q0IHxLBkB
+rEBV7T1mUynneCHRUQlJQEwJmKpT8MH3IjsUXlG5YvnuuvcQJSNTaW2iDLxuOKp8
+cxW8+qL88zpb1D5dppoIu6rlrugN0azSq70ruFJQPc/A8GQrDKoGgRQiagxNY3u+
+vHZzXlECgYEA0dKO3gfkSxsDBb94sQwskMScqLhcKhztEa8kPxTx6Yqh+x8/scx3
+XhJyOt669P8U1v8a/2Al+s81oZzzfQSzO1Q7gEwSrgBcRMSIoRBUw9uYcy02ngb/
+j/ng3DGivfJztjjiSJwb46FHkJ2JR8mF2UisC6UMXk3NgFY/3vWQx78CgYEAxlcG
+T3hfSWSmTgKRczMJuHQOX9ULfTBIqwP5VqkkkiavzigGRirzb5lgnmuTSPTpF0LB
+XVPjR2M4q+7gzP0Dca3pocrvLEoxjwIKnCbYKnyyvnUoE9qHv4Kr+vDbgWpa2LXG
+JbLmE7tgTCIp20jOPPT4xuDvlbzQZBJ5qCQSoZkCgYEAgrotSSihlCnAOFSTXbu4
+CHp3IKe8xIBBNENq0eK61kcJpOxTQvOha3sSsJsU4JAM6+cFaxb8kseHIqonCj1j
+bhOM/uJmwQJ4el/4wGDsbxriYOBKpyq1D38gGhDS1IW6kk3erl6VAb36WJ/OaGum
+eTpN9vNeQWM4Jj2WjdNx4QECgYAwTdd6mU1TmZCrJRL5ZG+0nYc2rbMrnQvFoqUi
+BvWiJovggHzur90zy73tNzPaq9Ls2FQxf5G1vCN8NCRJqEEjeYCR59OSDMu/EXc2
+CnvQ9SevHOdS1oEDEjcCWZCMFzPi3XpRih1gptzQDe31uuiHjf3cqcGPzTlPdfRt
+D8P92QKBgC4UaBvIRwREVJsdZzpIzm224Bpe8LOmA7DeTnjlT0b3lkGiBJ36/Q0p
+VhYh/6cjX4/iuIs7gJbGon7B+YPB8scmOi3fj0+nkJAONue1mMfBNkba6qQTc6Y2
+5mEKw2/O7/JpND7ucU3OK9plcw/qnrWDgHxl0Iz95+OzUIIagxne
+-----END RSA PRIVATE KEY-----
diff --git a/tests/keys/id_rsa.pub b/tests/keys/id_rsa.pub
new file mode 100644
index 0000000000..d9888e312f
--- /dev/null
+++ b/tests/keys/id_rsa.pub
@@ -0,0 +1 @@ 
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCikC46WYtXotUd0UGPz9547Aj0KqC4gk+nt4BBJm86IHgCD9FygSGX9EFutXlhz9KZIPg9Okk7+IzXRHCWI2MNvhrcjyrezKREm71z08j9iwfxY3340fY2Mo+0khwpO7bzsgzkljHIHqcOg7MgttPInVMNH/EfqpgR8EDKJuWCB2Ny+EBFN/3dAiff0X/EvKle9PUrY70EkSycnyURS8HZReEqj8lN9J5kXzA8F6jBo/0Q42Ttv6e4k5YcaDrwmLrBWLra2PCXZLNyHqXEiFkGmdXtA1Eox9gc/p4jIXim6xrPNmpN6WyrrEjaCF5xYvNv8wXkD6uSWwbHYU24lIAn qemu-test

[v8,04/13] tests: Add a test key pair

Commit Message

Comments

Patch