func TestCertLogin(t *testing.T) { s := newServer(t) defer s.Shutdown() // Use a key different from the default. clientKey := testSigners["dsa"] caAuthKey := testSigners["ecdsa"] cert := &ssh.Certificate{ Key: clientKey.PublicKey(), ValidPrincipals: []string{username()}, CertType: ssh.UserCert, ValidBefore: ssh.CertTimeInfinity, } if err := cert.SignCert(caAuthKey); err != nil { t.Fatalf("SetSignature: %v", err) } certSigner, err := ssh.NewCertSigner(cert, clientKey) if err != nil { t.Fatalf("NewCertSigner: %v", err) } conf := &ssh.ClientConfig{ User: username(), } conf.Auth = append(conf.Auth, ssh.PublicKeys(certSigner)) client, err := s.TryDial(conf) if err != nil { t.Fatalf("TryDial: %v", err) } client.Close() }
func sshClientConfig(user string, checker *HostKeyChecker) (*gossh.ClientConfig, error) { agentClient, err := SSHAgentClient() if err != nil { return nil, err } signers, err := agentClient.Signers() if err != nil { return nil, err } cfg := gossh.ClientConfig{ User: user, Auth: []gossh.AuthMethod{ gossh.PublicKeys(signers...), }, } if checker != nil { cfg.HostKeyCallback = checker.Check } return &cfg, nil }