Public bug reported: The DEP8 test introduced in https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2053146 could still show s PASS even when the login didn't work. This is because it's relying on `set -e` to work inside functions, but that's not the case.
For example, here I forced a failure by using an invalid user (I added "x" to the username): ``` ## ssh'ing into localhost using gssapi-keyex auth testuser229...@sshd-gssapi.example.fake: Permission denied (gssapi-keyex). ## checking that we got a service ticket for ssh (host/) 03/18/24 12:16:55 03/18/24 22:16:55 host/sshd-gssapi.example.fake@ Ticket server: host/sshd-gssapi.example.f...@example.fake ## Checking ssh logs to confirm gssapi-keyex auth was used Mar 18 12:16:55 sshd-gssapi.example.fake sshd[22994]: Failed gssapi-keyex for invalid user testuser22924x from 127.0.0.1 port 39550 ssh2: testuser22...@example.fake ## PASS test_gssapi_keyex_login ``` Furthermore, the --grep option used in journalctl is not specific enough, as can also be seen above. It's just looking for the authentication method name, not whether is succeeded or not. ** Affects: openssh (Ubuntu) Importance: High Assignee: Andreas Hasenack (ahasenack) Status: In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058276 Title: Improve ssh-gssapi DEP8 test To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2058276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs