sshnoports: Add unit tests

[gkc]

Is your feature request related to a problem? Please describe.

No unit tests currently

Describe the solution you'd like

Need unit tests which, while they do not test the whole thing end to end, can check the logic and behaviour of the atProtocol interactions - the records that are created and updated, the notifications that are sent and received, etc

Describe alternatives you've considered

No response

Additional context

No response

### Tasks
- [ ] impl
- [ ] impl/dart pure
- [ ] impl/openssh local
- [ ] impl/unsigned (legacy)
- [x] models
- [x] models/config file repo (mostly done - last piece requires stubbing file io)
- [x] models/config key repo
- [x] models/sshnp arg
- [x] models/sshnp device list
- [x] models/sshnp params
- [x] models/sshnp result (done, but subject to change)
- [ ] util
- [x] util/initial tunnel
- [ ] util/initial tunnel/dart
- [ ] util/initial tunnel/openssh
- [x] util/ssh key handler
- [x] util/ssh key handler/dart
- [x] util/ssh key handler/local
- [x] util/sshnpd channel
- [x] util/sshnpd channel/default
- [x] util/sshnpd channel/unsigned
- [x] util/sshrvd channel
- [x] util/sshrvd channel/dart
- [x] util/sshrvd channel/exec
- [x] sshnp core
- [x] sshnp (public interface)

[gkc]

Unassigning myself and moving to Triage again ... hoping someone else has capacity to pick this up in this sprint

[purnimavenkatasubbu]

@cconstab I was trying to run sshnp, But I got a remote SSH client failure

1. sshnpd in aws ubuntu@ip-172-26-14-158:~/sshnp$ ./sshnpd -a @95consistent -m @aquamarine659 -d device1 -u SHOUT|2023-04-06 11:24:48.698741| sshnpd |Starting @95consistent sync

SHOUT|2023-04-06 11:24:55.364158| sshnpd |@95consistent sync complete

SHOUT|2023-04-06 11:27:16.519554| sshnpd |ssh session started from: @aquamarine659 session: 45891ce5-1f0e-4248-a409-a35885cb01b6

2. sshnp

dart sshnp.dart -k sshnoports/.atsign/keys/@aquamarine659_key.atKeys -f @aquamarine659 -t @95consistent -h 27d00de9-3719-56b3-82d2-5b97212a9959.swarm0002.atsign.zone -p 2215 -d device1

sshnp_logs.txt

From the logs, I could see a failure as

Remote sshnpd error: Remote SSH Client failure : SSHAuthAbortError(Connection closed before authentication)

But at the end, it says notification as delivered

FINER|2023-04-06 16:57:17.067081|AtLookup|SENDING: notify:status:91752f94-991c-47e4-aa0b-232c0d7958eb

FINER|2023-04-06 16:57:17.332635|OutboundMessageListener|RECEIVED data:delivered

[cconstab]

So the -h and -p should point to the place you are running sshnp.. Currently you have the host and the port of the secondary server which is not where you are running ssh from..

My Host -------------------------> Hosty I want to log into sshnp ----------------------------> sshnpd sshd (port 22) <-------------------sshnpd

so in this case the -h "my host" and -p "22"

hope that helps

[cconstab]

The sshnp repo has lots of clues https://github.com/atsign-foundation/sshnoports

[murali-shris]

@cconstab We tried to run sshnpd on my machine and sshnp on @purnimavenkatasubbu machine

Remote machine:

• dart bin/sshnpd.dart -a @91elephant -m @ninelivesfew11 -d sshnptest -u sshnptest -s -v log file - https://github.com/atsign-foundation/sshnoports/files/11199144/remote_sshnpd.log
• murali@murali-Latitude-3460:/etc/ssh$ ssh -R 0:localhost:2222 tunnel.us.ngrok.com tcp Allocated port 15869 for remote forward to localhost:2222

ngrok (via SSH) (Ctrl+C to quit)

Account [email protected] (Plan: Free) Region us Forwarding tcp://4.tcp.ngrok.io:15869

• added public key from client to .ssh/authorized_keys murali@murali-Latitude-3460:~/.ssh$ cat authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+thV+w+fkRlRLh5QkbYGYXYIjHzwtqK1yhzFzS2FXq9ww5AVmDlTSge1g8mZGEQ4h+HX9O7kHDmsUKzF017F/rQv5JVE93THM3CXxKgnohq9wYyDDEHs5BXmLisWNyc9I8vf+dN2ngJa8tSRmiPoiBc+qYsizYTpIXxI8FfJj3vJbQ/HhxTmi3V1Ilo7LV+WgfVn8QSZk+mQ5aS/uu835WTQGZ0YtY7ml38DX28xGclVWQ/2aSUxsQHQpPwJopL8rzucmvX6PQNZDeoMBB74UoFab4mDnAgd4XWxOtEsNzlg2+XcHSZhKhuvKt7TrGrrJuSP9CTXrMQEj84upPkmR shaikirfan@SHLT013

client machine: shaikirfan@SHLT013:~/Desktop/sshnp/sshnoports$ dart bin/sshnp.dart -f @ninelivesfew11 -t @91elephant -h 4.tcp.ngrok.io -p 15869 -l 3456 -d sshnptest -s id_rsa.pub log file https://github.com/atsign-foundation/sshnoports/files/11199141/client_sshnp.log

remote machine: murali@murali-Latitude-3460:/etc/ssh$ ssh -R 0:localhost:2222 tunnel.us.ngrok.com tcp Allocated port 15869 for remote forward to localhost:2222

ngrok (via SSH) (Ctrl+C to quit)

Account [email protected] (Plan: Free) Region us Forwarding tcp://4.tcp.ngrok.io:15869

TCP connection opened TCP connection closed TCP connection opened TCP connection closed TCP connection opened TCP connection closed TCP connection opened TCP connection closed

murali@murali-Latitude-3460:~/git/at_protocol/sshnoports$ journalctl -fu ssh -- Logs begin at Tue 2022-11-08 16:31:00 IST. -- Apr 11 15:15:50 murali-Latitude-3460 sshd[12548]: Invalid user shaikirfan from 127.0.0.1 port 60094 Apr 11 15:15:50 murali-Latitude-3460 sshd[12548]: Connection closed by invalid user shaikirfan 127.0.0.1 port 60094 [preauth] Apr 11 15:17:23 murali-Latitude-3460 sshd[17638]: Invalid user shaikirfan from 127.0.0.1 port 53258 Apr 11 15:17:24 murali-Latitude-3460 sshd[17638]: Connection closed by invalid user shaikirfan 127.0.0.1 port 53258 [preauth] Apr 11 15:18:19 murali-Latitude-3460 sshd[20664]: Invalid user shaikirfan from 127.0.0.1 port 37644 Apr 11 15:18:20 murali-Latitude-3460 sshd[20664]: Connection closed by invalid user shaikirfan 127.0.0.1 port 37644 [preauth] Apr 11 15:18:49 murali-Latitude-3460 sshd[22016]: Invalid user shaikirfan from 127.0.0.1 port 33968 Apr 11 15:18:50 murali-Latitude-3460 sshd[22016]: Connection closed by invalid user shaikirfan 127.0.0.1 port 33968 [preauth]

[murali-shris]

client_sshnp.log remote_sshnpd.log

[cconstab]

I would make sure that ssh logins are allowed on the remote machine the logs would suggest they are not..

To test on the remote machine try

ssh 0

You should be able to login

The other thing I notice is the sshnpd has -u sshnptest but the -u is just a flag and will pick up the processes username that is running sshnpd.

[murali-shris]

ssh 0

In the remote machine on which sshnpd runs, I ran the ssh service on port 2222. ssh 0 didn't work. ssh 0 -p 2222 works. Should I run the ssh service on the remote machine on port 22 or 2222?

---

We tried a manual ssh from purnima's machine to murali's machine ssh -i /home/shaikirfan/.ssh/id_rsa -p 13026 [email protected] With this command we were getting the error on ssh in murali's machine

Invalid user shaikirfan from 127.0.0.1 port xxxxx

shaikirfan is the username on Purnima's machine. sshnp.dart also picks this username from envVars I guess. The below command worked ssh -i /home/shaikirfan/.ssh/id_rsa -p 13026 [email protected]

[gkc]

Will ping on here once sshnp refactoring is complete so that unit tests can be written, likewise then for sshnpd and sshrvd

[gkc]

sshnp refactoring is complete; a small number of unit tests were added during PR64

[gkc]

no progress during PR65 but work should proceed during PR66 now that refactoring is complete for sshnpd and sshnp

[XavierChanth]

Refactoring is mostly done, but there are still some bugs that need to be addressed first. Once v3.4.0 is officially released I will update this card.

[gkc]

Since we now have comprehensive end-to-end test automation, this is not as important; reducing priority to P2

[XavierChanth]

Reducing to 5SP

[XavierChanth]

Lowered priority to P1 now that we've released 4.0.0

[XavierChanth]

Will resume in PR 78

[gkc]

Will resume in PR80

[XavierChanth]

I think this is in a good place for now, e2e tests cover the rest.