OpenSSH Server integration tests installing and using libnss_iam.so.2 with OpenSSH(d).
Requires an AWS IAM user with ssh public key set.
Ensure the [default] profile is a non-expired shared credentials file entry:
[default]
assumed_role = False
aws_access_key_id = ...
aws_secret_access_key = ...
aws_session_token = ...
aws_security_token = ...
expiration = ...Build the target system docker image, run sshd + configs:
libnss-iam/integration-tests/sshd$ make docker-build
libnss-iam/integration-tests/sshd$ make docker-sshdIn another terminal connect using ssh client:
# ssh-add ~/.ssh/id_rsa
$ ssh -p 2222 -o IdentitesOnly=yes -i ~/.ssh/id_rsa <iam-user>@localhostRun an interactive shell with the sshd configs:
libnss-iam/integration-tests/sshd$ make docker-shell
root@sshd-worker-ubuntu-16-04:/# dpkg -i /libnss-iam/libnss-iam-0.1.deb
root@sshd-worker-ubuntu-16-04:/# ldd /lib/libnss_iam.so.2
root@sshd-worker-ubuntu-16-04:/# getent passwd <iam-user>
_nss_iam_getpwnam_r <iam-user> sshd 1024 0
fvogt:*:65295:10:arn aws iam <acct-id> user/<iam-user>:/home/<iam-user>:/bin/bash