feat: US-016 - Add SSH key-based authentication e2e-docker fixture

Author: NathanFlurry

packages/secure-exec/tests/e2e-docker/dockerfiles/sshd.Dockerfile

@@ -5,7 +5,12 @@ RUN apk add --no-cache openssh \
  && echo "testuser:testpass" | chpasswd \
  && sed -i 's/^#PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config \
  && sed -i 's/^#PermitEmptyPasswords.*/PermitEmptyPasswords no/' /etc/ssh/sshd_config \
- && mkdir -p /home/testuser/upload \
- && chown testuser:testuser /home/testuser/upload
+ && sed -i 's/^#PubkeyAuthentication.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config \
+ && mkdir -p /home/testuser/.ssh /home/testuser/upload \
+ && chown testuser:testuser /home/testuser/.ssh /home/testuser/upload \
+ && chmod 700 /home/testuser/.ssh
+COPY test_rsa.pub /home/testuser/.ssh/authorized_keys
+RUN chown testuser:testuser /home/testuser/.ssh/authorized_keys \
+ && chmod 600 /home/testuser/.ssh/authorized_keys
 EXPOSE 22
 CMD ["/usr/sbin/sshd", "-D", "-e"]

packages/secure-exec/tests/e2e-docker/dockerfiles/test_rsa.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMfgWmy0NURjTyN/z8i5WKaopttj+kg5XK1xHH/wewk+mvcjo85a+SZdCf1+E1CMfINPFrgtTE5E15Ncq9Se3fQ/TvJPI17g7DxDlC0a3sdLP6yHxOTbrXiM1W01yVmiM2cGIFv7ZHOiAqOY8BwdYJ1639VOWJXSJbK8iLKBK6bErNM/KcUSq/s4wzamM0BID1xbTDKYkzRhKaH2oqM1bQ+5ipbTEnVqL+46vxN4qxr7LX16fteAEO6yTexsMT5zrS8dVFVwemBN4Cx16Hsxu0YS9/s3Pr69oxrFCC2hFgaiBUYozKpka5okk3zenIi5GSYcxItA92VK2otGc6P6VB testuser@e2e-docker

packages/secure-exec/tests/e2e-docker/ssh2-key-auth/fixture.json

@@ -0,0 +1,5 @@
+{
+	"entry": "src/index.js",
+	"expectation": "pass",
+	"services": ["ssh"]
+}

packages/secure-exec/tests/e2e-docker/ssh2-key-auth/keys/test_rsa

@@ -0,0 +1,27 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn
+NhAAAAAwEAAQAAAQEAzH4FpstDVEY08jf8/IuVimqKbbY/pIOVytcRx/8HsJPpr3I6POWv
+kmXQn9fhNQjHyDTxa4LUxORNeTXKvUnt30P07yTyNe4Ow8Q5QtGt7HSz+sh8Tk2614jNVt
+NclZojNnBiBb+2RzogKjmPAcHWCdet/VTliV0iWyvIiygSumxKzTPynFEqv7OMM2pjNASA
+9cW0wymJM0YSmh9qKjNW0PuYqW0xJ1ai/uOr8TeKsa+y19en7XgBDusk3sbDE+c60vHVRV
+cHpgTeAsdeh7MbtGEvf7Nz6+vaMaxQgtoRYGogVGKMyqZGuaJJN83pyIuRkmHMSLQPdlSt
+qLRnOj+lQQAAA9C1Ezn+tRM5/gAAAAdzc2gtcnNhAAABAQDMfgWmy0NURjTyN/z8i5WKao
+pttj+kg5XK1xHH/wewk+mvcjo85a+SZdCf1+E1CMfINPFrgtTE5E15Ncq9Se3fQ/TvJPI1
+7g7DxDlC0a3sdLP6yHxOTbrXiM1W01yVmiM2cGIFv7ZHOiAqOY8BwdYJ1639VOWJXSJbK8
+iLKBK6bErNM/KcUSq/s4wzamM0BID1xbTDKYkzRhKaH2oqM1bQ+5ipbTEnVqL+46vxN4qx
+r7LX16fteAEO6yTexsMT5zrS8dVFVwemBN4Cx16Hsxu0YS9/s3Pr69oxrFCC2hFgaiBUYo
+zKpka5okk3zenIi5GSYcxItA92VK2otGc6P6VBAAAAAwEAAQAAAQBl/k80T3pv/Kpoy2sX
+zUkTZitQKE/a7rSWHKomPfnoZQXvt4H7oLXux3CEYSjXCl+W6G0nafRUlehcVeueeNK3go
+4Wfy99nZRoqSTEQo/EebrREREK/zL7UKTWMwqhJWV9wBTr+CBiq0eit92viy4F77i8u4zW
+9AhwP8jBO4YHy5omHX57Q/z7mqTR/aaWftV0KvMsfIfkKqthvsNh6fwwz8ua6P6Y+9Cnaz
+h3OVAjAKRHYYjHKPf0gYVXrftGcg1dzpKzvnlNJWyTOJ+UYZvSGSRs5ErA3fJLVeAyo1Lk
+c/qznygK8AUCyMD5sjuGYRIu7i5M6Y530LUTWtx7ryF/AAAAgQCTW9Soxl2ON299pW5Htu
+/5k4gQC7ILgRare7vRjix9JhGeg7nwzdhblSc24ld5vTSO4ij2sNzp5Z4OzfvDXoDEED/5
+lrrTxRyjiQZGRICdnJMHs/yAJEU51HfWhREaR1gChmQ6+28eTy1nbhikGF5m97t8ysBlp1
+xW54MZMQdjgwAAAIEA7agaXhh7bH5JTj5X2525bCkk5nGHG4TYTI6SbdduI+2MUYdAdOva
+Abv+d9Ysm5bGgJxEsCkYomhbxOfzO46Z/2Dp/Zx6Ll9Y/hgOc+0v87d5xsI2eClIb+L8/c
+wyhmn3U7FoKAGIpX4logr/9scPbqMyvqEMDW5zCsbVEX1xLj8AAACBANxGnl/WL5hEVtPm
+Giw8jMw6/Gc976F6nBAPRQjRRgWya3rpU8jGay4C8jyIdC+T068kFZGVuIl/juT3Egjr1A
+6dHg+da0zGEYtqSb8WIobQIFJ8bKEvW2Ov9SiRHuT2fxYN8vPG2xV7/bDO9oQTf0XIGL4p
+efBL/B3BBc1A4Ux/AAAAE3Rlc3R1c2VyQGUyZS1kb2NrZXIBAgMEBQYH
+-----END OPENSSH PRIVATE KEY-----

packages/secure-exec/tests/e2e-docker/ssh2-key-auth/keys/test_rsa.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMfgWmy0NURjTyN/z8i5WKaopttj+kg5XK1xHH/wewk+mvcjo85a+SZdCf1+E1CMfINPFrgtTE5E15Ncq9Se3fQ/TvJPI17g7DxDlC0a3sdLP6yHxOTbrXiM1W01yVmiM2cGIFv7ZHOiAqOY8BwdYJ1639VOWJXSJbK8iLKBK6bErNM/KcUSq/s4wzamM0BID1xbTDKYkzRhKaH2oqM1bQ+5ipbTEnVqL+46vxN4qxr7LX16fteAEO6yTexsMT5zrS8dVFVwemBN4Cx16Hsxu0YS9/s3Pr69oxrFCC2hFgaiBUYozKpka5okk3zenIi5GSYcxItA92VK2otGc6P6VB testuser@e2e-docker

packages/secure-exec/tests/e2e-docker/ssh2-key-auth/package.json

@@ -0,0 +1,8 @@
+{
+	"name": "e2e-docker-ssh2-key-auth",
+	"private": true,
+	"type": "commonjs",
+	"dependencies": {
+		"ssh2": "1.17.0"
+	}
+}

packages/secure-exec/tests/e2e-docker/ssh2-key-auth/src/index.js

@@ -0,0 +1,55 @@
+const { Client } = require("ssh2");
+const fs = require("fs");
+const path = require("path");
+
+async function main() {
+	const privateKey = fs.readFileSync(
+		path.join(__dirname, "..", "keys", "test_rsa"),
+	);
+
+	const result = await new Promise((resolve, reject) => {
+		const conn = new Client();
+
+		conn.on("ready", () => {
+			conn.exec("echo hello-from-key-auth && whoami", (err, stream) => {
+				if (err) return reject(err);
+
+				let stdout = "";
+				let stderr = "";
+
+				stream.on("data", (data) => {
+					stdout += data.toString();
+				});
+				stream.stderr.on("data", (data) => {
+					stderr += data.toString();
+				});
+				stream.on("close", (code) => {
+					conn.end();
+					resolve({
+						connected: true,
+						authMethod: "publickey",
+						code,
+						stdout: stdout.trim(),
+						stderr: stderr.trim(),
+					});
+				});
+			});
+		});
+
+		conn.on("error", reject);
+
+		conn.connect({
+			host: process.env.SSH_HOST,
+			port: Number(process.env.SSH_PORT),
+			username: "testuser",
+			privateKey,
+		});
+	});
+
+	console.log(JSON.stringify(result));
+}
+
+main().catch((err) => {
+	console.error(err.message);
+	process.exit(1);
+});