Need test that monkeysphere-authentication properly removes invalid keys from authorized_keys files
We do not currently test that the monkeysphere-authentication function properly removes invalid keys from authorized_keys files. This is a pretty important thing to test, though. It's a bit tricky with our current test setup, though. Here's what I'm thinking about how the test should work:
add testuser's key to testuser's authorized_keys file
make testuser's gpg key invalid in the test authentication keyring
ssh-test for failure
reset
Anyone have any good suggestions on how to do #2? We currently import testuser's gpg key with:
gpg --export testuser | monkeysphere-authentication gpg-cmd --import
Any ideas how to make it invalid, and then undo it to make it valid again?
(from redmine: created on 2010-10-17)
Edited by John Scott