[v9,04/13] tests: Add a test key pair

Message ID	20170919072719.11815-5-famz@redhat.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 0C8C0C057FA8 From: Fam Zheng <famz@redhat.com> To: qemu-devel@nongnu.org Date: Tue, 19 Sep 2017 15:27:10 +0800 Message-Id: <20170919072719.11815-5-famz@redhat.com> In-Reply-To: <20170919072719.11815-1-famz@redhat.com> References: <20170919072719.11815-1-famz@redhat.com> Subject: [Qemu-devel] [PATCH v9 04/13] tests: Add a test key pair Precedence: list Cc: Peter Maydell <peter.maydell@linaro.org>, Fam Zheng <famz@redhat.com>, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= <f4bug@amsat.org>, Kamil Rytarowski <kamil@netbsd.org>, pbonzini@redhat.com, stefanha@redhat.com, Cleber Rosa <crosa@redhat.com>, =?utf-8?q?Alex_Benn=C3=A9e?= <alex.bennee@linaro.org> Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
Series	tests: Add VM based build tests (for non-x86_64 and/or non-Linux) \| expand [v9,00/13] tests: Add VM based build tests (for non-x86_64 and/or non-Linux) [v9,01/13] gitignore: Ignore vm test images [v9,02/13] qemu.py: Add "wait()" method [v9,03/13] scripts: Add archive-source.sh [v9,04/13] tests: Add a test key pair [v9,05/13] tests: Add vm test lib [v9,06/13] tests: Add ubuntu.i386 image [v9,07/13] tests: Add FreeBSD image [v9,08/13] tests: Add NetBSD image [v9,09/13] tests: Add OpenBSD image [v9,10/13] Makefile: Add rules to run vm tests [v9,11/13] MAINTAINERS: Add tests/vm entry [v9,12/13] tests: Add README for vm tests [v9,13/13] docker: Use archive-source.py

Message ID

20170919072719.11815-5-famz@redhat.com

State

New

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 0C8C0C057FA8
From: Fam Zheng <famz@redhat.com>
To: qemu-devel@nongnu.org
Date: Tue, 19 Sep 2017 15:27:10 +0800
Message-Id: <20170919072719.11815-5-famz@redhat.com>
In-Reply-To: <20170919072719.11815-1-famz@redhat.com>
References: <20170919072719.11815-1-famz@redhat.com>
Subject: [Qemu-devel] [PATCH v9 04/13] tests: Add a test key pair
Precedence: list
Cc: Peter Maydell <peter.maydell@linaro.org>, Fam Zheng <famz@redhat.com>,
	=?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= <f4bug@amsat.org>,
	Kamil Rytarowski <kamil@netbsd.org>, pbonzini@redhat.com, 
	stefanha@redhat.com, Cleber Rosa <crosa@redhat.com>,
	=?utf-8?q?Alex_Benn=C3=A9e?= <alex.bennee@linaro.org>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Series

tests: Add VM based build tests (for non-x86_64 and/or non-Linux) | expand

Commit Message

Fam Zheng Sept. 19, 2017, 7:27 a.m. UTC

This will be used by setup test user ssh.

Signed-off-by: Fam Zheng <famz@redhat.com>
---
 tests/keys/README     |  6 ++++++
 tests/keys/id_rsa     | 27 +++++++++++++++++++++++++++
 tests/keys/id_rsa.pub |  1 +
 3 files changed, 34 insertions(+)
 create mode 100644 tests/keys/README
 create mode 100644 tests/keys/id_rsa
 create mode 100644 tests/keys/id_rsa.pub

Comments

Alex Bennée Sept. 19, 2017, 3:08 p.m. UTC | #1

Fam Zheng <famz@redhat.com> writes:

> This will be used by setup test user ssh.
>
> Signed-off-by: Fam Zheng <famz@redhat.com>

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

> ---
>  tests/keys/README     |  6 ++++++
>  tests/keys/id_rsa     | 27 +++++++++++++++++++++++++++
>  tests/keys/id_rsa.pub |  1 +
>  3 files changed, 34 insertions(+)
>  create mode 100644 tests/keys/README
>  create mode 100644 tests/keys/id_rsa
>  create mode 100644 tests/keys/id_rsa.pub
>
> diff --git a/tests/keys/README b/tests/keys/README
> new file mode 100644
> index 0000000000..f381ac0698
> --- /dev/null
> +++ b/tests/keys/README
> @@ -0,0 +1,6 @@
> +This folder contains a well-known key pair used in QEMU tests.
> +
> +Some guests require the key to exist prior to provisioning the guest; also,
> +reusing a pre-built key avoids consuming entropy every time the testsuite is
> +run.  Because the private key is well-known, care must be taken to use the key
> +ONLY in situations that cannot be compromised by external network clients.
> diff --git a/tests/keys/id_rsa b/tests/keys/id_rsa
> new file mode 100644
> index 0000000000..2933eac3db
> --- /dev/null
> +++ b/tests/keys/id_rsa
> @@ -0,0 +1,27 @@
> +-----BEGIN RSA PRIVATE KEY-----
> +MIIEowIBAAKCAQEAopAuOlmLV6LVHdFBj8/eeOwI9CqguIJPp7eAQSZvOiB4Ag/R
> +coEhl/RBbrV5Yc/SmSD4PTpJO/iM10RwliNjDb4a3I8q3sykRJu9c9PI/YsH8WN9
> ++NH2NjKPtJIcKTu287IM5JYxyB6nDoOzILbTyJ1TDR/xH6qYEfBAyiblggdjcvhA
> +RTf93QIn39F/xLypXvT1K2O9BJEsnJ8lEUvB2UXhKo/JTfSeZF8wPBeowaP9EONk
> +7b+nuJOWHGg68Ji6wVi62tjwl2Szch6lxIhZBpnV7QNRKMfYHP6eIyF4pusazzZq
> +Telsq6xI2ghecWLzb/MF5A+rklsGx2FNuJSAJwIDAQABAoIBAHHi4o/8VZNivz0x
> +cWXn8erzKV6tUoWQvW85Lj/2RiwJvSlsnYZDkx5af1CpEE2HA/pFT8PNRqsd+MWC
> +7AEy710cVsM4BYerBFYQaYxwzblaoojo88LSjVPw3h5Z0iLM8+IMVd36nwuc9dpE
> +R8TecMZ1+U4Tl6BgqkK+9xToZRdPKdjS8L5MoFhGN+xY0vRbbJbGaV9Q0IHxLBkB
> +rEBV7T1mUynneCHRUQlJQEwJmKpT8MH3IjsUXlG5YvnuuvcQJSNTaW2iDLxuOKp8
> +cxW8+qL88zpb1D5dppoIu6rlrugN0azSq70ruFJQPc/A8GQrDKoGgRQiagxNY3u+
> +vHZzXlECgYEA0dKO3gfkSxsDBb94sQwskMScqLhcKhztEa8kPxTx6Yqh+x8/scx3
> +XhJyOt669P8U1v8a/2Al+s81oZzzfQSzO1Q7gEwSrgBcRMSIoRBUw9uYcy02ngb/
> +j/ng3DGivfJztjjiSJwb46FHkJ2JR8mF2UisC6UMXk3NgFY/3vWQx78CgYEAxlcG
> +T3hfSWSmTgKRczMJuHQOX9ULfTBIqwP5VqkkkiavzigGRirzb5lgnmuTSPTpF0LB
> +XVPjR2M4q+7gzP0Dca3pocrvLEoxjwIKnCbYKnyyvnUoE9qHv4Kr+vDbgWpa2LXG
> +JbLmE7tgTCIp20jOPPT4xuDvlbzQZBJ5qCQSoZkCgYEAgrotSSihlCnAOFSTXbu4
> +CHp3IKe8xIBBNENq0eK61kcJpOxTQvOha3sSsJsU4JAM6+cFaxb8kseHIqonCj1j
> +bhOM/uJmwQJ4el/4wGDsbxriYOBKpyq1D38gGhDS1IW6kk3erl6VAb36WJ/OaGum
> +eTpN9vNeQWM4Jj2WjdNx4QECgYAwTdd6mU1TmZCrJRL5ZG+0nYc2rbMrnQvFoqUi
> +BvWiJovggHzur90zy73tNzPaq9Ls2FQxf5G1vCN8NCRJqEEjeYCR59OSDMu/EXc2
> +CnvQ9SevHOdS1oEDEjcCWZCMFzPi3XpRih1gptzQDe31uuiHjf3cqcGPzTlPdfRt
> +D8P92QKBgC4UaBvIRwREVJsdZzpIzm224Bpe8LOmA7DeTnjlT0b3lkGiBJ36/Q0p
> +VhYh/6cjX4/iuIs7gJbGon7B+YPB8scmOi3fj0+nkJAONue1mMfBNkba6qQTc6Y2
> +5mEKw2/O7/JpND7ucU3OK9plcw/qnrWDgHxl0Iz95+OzUIIagxne
> +-----END RSA PRIVATE KEY-----
> diff --git a/tests/keys/id_rsa.pub b/tests/keys/id_rsa.pub
> new file mode 100644
> index 0000000000..d9888e312f
> --- /dev/null
> +++ b/tests/keys/id_rsa.pub
> @@ -0,0 +1 @@
> +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCikC46WYtXotUd0UGPz9547Aj0KqC4gk+nt4BBJm86IHgCD9FygSGX9EFutXlhz9KZIPg9Okk7+IzXRHCWI2MNvhrcjyrezKREm71z08j9iwfxY3340fY2Mo+0khwpO7bzsgzkljHIHqcOg7MgttPInVMNH/EfqpgR8EDKJuWCB2Ny+EBFN/3dAiff0X/EvKle9PUrY70EkSycnyURS8HZReEqj8lN9J5kXzA8F6jBo/0Q42Ttv6e4k5YcaDrwmLrBWLra2PCXZLNyHqXEiFkGmdXtA1Eox9gc/p4jIXim6xrPNmpN6WyrrEjaCF5xYvNv8wXkD6uSWwbHYU24lIAn qemu-test


--
Alex Bennée

Eric Blake Sept. 19, 2017, 3:18 p.m. UTC | #2

On 09/19/2017 02:27 AM, Fam Zheng wrote:
> This will be used by setup test user ssh.
> 
> Signed-off-by: Fam Zheng <famz@redhat.com>
> ---
>  tests/keys/README     |  6 ++++++
>  tests/keys/id_rsa     | 27 +++++++++++++++++++++++++++
>  tests/keys/id_rsa.pub |  1 +
>  3 files changed, 34 insertions(+)
>  create mode 100644 tests/keys/README
>  create mode 100644 tests/keys/id_rsa
>  create mode 100644 tests/keys/id_rsa.pub
> 
> diff --git a/tests/keys/README b/tests/keys/README
> new file mode 100644
> index 0000000000..f381ac0698
> --- /dev/null
> +++ b/tests/keys/README
> @@ -0,0 +1,6 @@
> +This folder contains a well-known key pair used in QEMU tests.

s/key/ssh key/ ?

> +
> +Some guests require the key to exist prior to provisioning the guest; also,
> +reusing a pre-built key avoids consuming entropy every time the testsuite is
> +run.  Because the private key is well-known, care must be taken to use the key
> +ONLY in situations that cannot be compromised by external network clients.

Thanks; that helps.

> +++ b/tests/keys/id_rsa.pub
> @@ -0,0 +1 @@
> +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCikC46WYtXotUd0UGPz9547Aj0KqC4gk+nt4BBJm86IHgCD9FygSGX9EFutXlhz9KZIPg9Okk7+IzXRHCWI2MNvhrcjyrezKREm71z08j9iwfxY3340fY2Mo+0khwpO7bzsgzkljHIHqcOg7MgttPInVMNH/EfqpgR8EDKJuWCB2Ny+EBFN/3dAiff0X/EvKle9PUrY70EkSycnyURS8HZReEqj8lN9J5kXzA8F6jBo/0Q42Ttv6e4k5YcaDrwmLrBWLra2PCXZLNyHqXEiFkGmdXtA1Eox9gc/p4jIXim6xrPNmpN6WyrrEjaCF5xYvNv8wXkD6uSWwbHYU24lIAn qemu-test

Let's make the comment even longer (I think you can use 'ssh-keygen -C
"some useful comment"', but
https://serverfault.com/questions/442933/add-comment-to-existing-ssh-public-key
has more information): maybe along the lines of:

ssh-rsa AAAAB...IAn well-known key for qemu-test, do not use on any
machine exposed to an external network

But either way,

Reviewed-by: Eric Blake <eblake@redhat.com>

Fam Zheng Sept. 20, 2017, 3:11 a.m. UTC | #3

On Tue, 09/19 10:18, Eric Blake wrote:
> On 09/19/2017 02:27 AM, Fam Zheng wrote:
> > This will be used by setup test user ssh.
> > 
> > Signed-off-by: Fam Zheng <famz@redhat.com>
> > ---
> >  tests/keys/README     |  6 ++++++
> >  tests/keys/id_rsa     | 27 +++++++++++++++++++++++++++
> >  tests/keys/id_rsa.pub |  1 +
> >  3 files changed, 34 insertions(+)
> >  create mode 100644 tests/keys/README
> >  create mode 100644 tests/keys/id_rsa
> >  create mode 100644 tests/keys/id_rsa.pub
> > 
> > diff --git a/tests/keys/README b/tests/keys/README
> > new file mode 100644
> > index 0000000000..f381ac0698
> > --- /dev/null
> > +++ b/tests/keys/README
> > @@ -0,0 +1,6 @@
> > +This folder contains a well-known key pair used in QEMU tests.
> 
> s/key/ssh key/ ?

Yup.

> 
> > +
> > +Some guests require the key to exist prior to provisioning the guest; also,
> > +reusing a pre-built key avoids consuming entropy every time the testsuite is
> > +run.  Because the private key is well-known, care must be taken to use the key
> > +ONLY in situations that cannot be compromised by external network clients.
> 
> Thanks; that helps.
> 
> > +++ b/tests/keys/id_rsa.pub
> > @@ -0,0 +1 @@
> > +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCikC46WYtXotUd0UGPz9547Aj0KqC4gk+nt4BBJm86IHgCD9FygSGX9EFutXlhz9KZIPg9Okk7+IzXRHCWI2MNvhrcjyrezKREm71z08j9iwfxY3340fY2Mo+0khwpO7bzsgzkljHIHqcOg7MgttPInVMNH/EfqpgR8EDKJuWCB2Ny+EBFN/3dAiff0X/EvKle9PUrY70EkSycnyURS8HZReEqj8lN9J5kXzA8F6jBo/0Q42Ttv6e4k5YcaDrwmLrBWLra2PCXZLNyHqXEiFkGmdXtA1Eox9gc/p4jIXim6xrPNmpN6WyrrEjaCF5xYvNv8wXkD6uSWwbHYU24lIAn qemu-test
> 
> Let's make the comment even longer (I think you can use 'ssh-keygen -C
> "some useful comment"', but
> https://serverfault.com/questions/442933/add-comment-to-existing-ssh-public-key
> has more information): maybe along the lines of:
> 
> ssh-rsa AAAAB...IAn well-known key for qemu-test, do not use on any
> machine exposed to an external network

OK.

diff --git a/tests/keys/README b/tests/keys/README
new file mode 100644
index 0000000000..f381ac0698
--- /dev/null
+++ b/tests/keys/README
@@ -0,0 +1,6 @@ 
+This folder contains a well-known key pair used in QEMU tests.
+
+Some guests require the key to exist prior to provisioning the guest; also,
+reusing a pre-built key avoids consuming entropy every time the testsuite is
+run.  Because the private key is well-known, care must be taken to use the key
+ONLY in situations that cannot be compromised by external network clients.
diff --git a/tests/keys/id_rsa b/tests/keys/id_rsa
new file mode 100644
index 0000000000..2933eac3db
--- /dev/null
+++ b/tests/keys/id_rsa
@@ -0,0 +1,27 @@ 
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAopAuOlmLV6LVHdFBj8/eeOwI9CqguIJPp7eAQSZvOiB4Ag/R
+coEhl/RBbrV5Yc/SmSD4PTpJO/iM10RwliNjDb4a3I8q3sykRJu9c9PI/YsH8WN9
++NH2NjKPtJIcKTu287IM5JYxyB6nDoOzILbTyJ1TDR/xH6qYEfBAyiblggdjcvhA
+RTf93QIn39F/xLypXvT1K2O9BJEsnJ8lEUvB2UXhKo/JTfSeZF8wPBeowaP9EONk
+7b+nuJOWHGg68Ji6wVi62tjwl2Szch6lxIhZBpnV7QNRKMfYHP6eIyF4pusazzZq
+Telsq6xI2ghecWLzb/MF5A+rklsGx2FNuJSAJwIDAQABAoIBAHHi4o/8VZNivz0x
+cWXn8erzKV6tUoWQvW85Lj/2RiwJvSlsnYZDkx5af1CpEE2HA/pFT8PNRqsd+MWC
+7AEy710cVsM4BYerBFYQaYxwzblaoojo88LSjVPw3h5Z0iLM8+IMVd36nwuc9dpE
+R8TecMZ1+U4Tl6BgqkK+9xToZRdPKdjS8L5MoFhGN+xY0vRbbJbGaV9Q0IHxLBkB
+rEBV7T1mUynneCHRUQlJQEwJmKpT8MH3IjsUXlG5YvnuuvcQJSNTaW2iDLxuOKp8
+cxW8+qL88zpb1D5dppoIu6rlrugN0azSq70ruFJQPc/A8GQrDKoGgRQiagxNY3u+
+vHZzXlECgYEA0dKO3gfkSxsDBb94sQwskMScqLhcKhztEa8kPxTx6Yqh+x8/scx3
+XhJyOt669P8U1v8a/2Al+s81oZzzfQSzO1Q7gEwSrgBcRMSIoRBUw9uYcy02ngb/
+j/ng3DGivfJztjjiSJwb46FHkJ2JR8mF2UisC6UMXk3NgFY/3vWQx78CgYEAxlcG
+T3hfSWSmTgKRczMJuHQOX9ULfTBIqwP5VqkkkiavzigGRirzb5lgnmuTSPTpF0LB
+XVPjR2M4q+7gzP0Dca3pocrvLEoxjwIKnCbYKnyyvnUoE9qHv4Kr+vDbgWpa2LXG
+JbLmE7tgTCIp20jOPPT4xuDvlbzQZBJ5qCQSoZkCgYEAgrotSSihlCnAOFSTXbu4
+CHp3IKe8xIBBNENq0eK61kcJpOxTQvOha3sSsJsU4JAM6+cFaxb8kseHIqonCj1j
+bhOM/uJmwQJ4el/4wGDsbxriYOBKpyq1D38gGhDS1IW6kk3erl6VAb36WJ/OaGum
+eTpN9vNeQWM4Jj2WjdNx4QECgYAwTdd6mU1TmZCrJRL5ZG+0nYc2rbMrnQvFoqUi
+BvWiJovggHzur90zy73tNzPaq9Ls2FQxf5G1vCN8NCRJqEEjeYCR59OSDMu/EXc2
+CnvQ9SevHOdS1oEDEjcCWZCMFzPi3XpRih1gptzQDe31uuiHjf3cqcGPzTlPdfRt
+D8P92QKBgC4UaBvIRwREVJsdZzpIzm224Bpe8LOmA7DeTnjlT0b3lkGiBJ36/Q0p
+VhYh/6cjX4/iuIs7gJbGon7B+YPB8scmOi3fj0+nkJAONue1mMfBNkba6qQTc6Y2
+5mEKw2/O7/JpND7ucU3OK9plcw/qnrWDgHxl0Iz95+OzUIIagxne
+-----END RSA PRIVATE KEY-----
diff --git a/tests/keys/id_rsa.pub b/tests/keys/id_rsa.pub
new file mode 100644
index 0000000000..d9888e312f
--- /dev/null
+++ b/tests/keys/id_rsa.pub
@@ -0,0 +1 @@ 
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCikC46WYtXotUd0UGPz9547Aj0KqC4gk+nt4BBJm86IHgCD9FygSGX9EFutXlhz9KZIPg9Okk7+IzXRHCWI2MNvhrcjyrezKREm71z08j9iwfxY3340fY2Mo+0khwpO7bzsgzkljHIHqcOg7MgttPInVMNH/EfqpgR8EDKJuWCB2Ny+EBFN/3dAiff0X/EvKle9PUrY70EkSycnyURS8HZReEqj8lN9J5kXzA8F6jBo/0Q42Ttv6e4k5YcaDrwmLrBWLra2PCXZLNyHqXEiFkGmdXtA1Eox9gc/p4jIXim6xrPNmpN6WyrrEjaCF5xYvNv8wXkD6uSWwbHYU24lIAn qemu-test

[v9,04/13] tests: Add a test key pair

Commit Message

Comments

Patch