Hi Harish, On Thu, 2024-04-18 at 03:50 -0700, Sadineni, Harish via lists.openembedded.org wrote: > From: Harish Sadineni <[email protected]> > > while runnig oe-selftest for gcc, testcases that need to be run on > qemu are not running due to below failures. > - Executing on ssh: mkdir -p /tmp/runtest.3549641 (timeout = 300) > spawn [open ...] > Host key verification failed. > ERROR: Couldn't create remote directory /tmp/runtest.3549641 on > ssh > - kex_exchange_identification: read: Connection reset by peer^M > Connection reset by 192.168.7.2 port 22^M > ERROR: Couldn't create remote directory /tmp/runtest.3549814 on > ssh > > Host key verification failure is happening when ssh board config file > name is defined as "ssh.exp" and there are multiple ssh.exp files > generated during the build and a wrong ssh config was taken. To > resolve this changed the board config file name to "linux-ssh.exp" > which ensures correct ssh settings are used. > > To resolve kex exchange identification error increased the > MaxStartups. > > Signed-off-by: Harish Sadineni <[email protected]> > --- > meta/lib/oeqa/selftest/cases/gcc.py | 2 +- > meta/recipes-connectivity/openssh/openssh/sshd_config | 2 +- > meta/recipes-devtools/gcc/gcc-testsuite.inc | 2 +- > 3 files changed, 3 insertions(+), 3 deletions(-)
Thanks for these. They did pass testing on the autobuilder but I there are some style tweaks needed before they can merge and we have to answer some questions about the sshd_config changes. Style wise, the shortlog of the patch (subject line) needs to be improved. It should start "oeqa/selftest/gcc:" to make it clear this isn't a gcc recipe change but a selftest change. The shortlog should also be a short summary, so for example: oeqa/selftest/gcc: Fix ssh tests to run correctly The longer log can contain contain information about the host key and key exchange pieces. Moving on to the patch content, the openssh piece needs to be separated out into a separate patch as it is changing a quite key separate part of the system. I noticed the second patch also has an openssh change, so perhaps combine those two changes together into a separate patch. The second patch also needs the shortlog improving similar to the above. The rest of the patch content is good. The remaining issue is where/when to apply the openssh changes. My worry is that this does have potential DoS implications on real target devices as the config change is being made globally. It made me wonder if we should have a "qemuall" openssh config that applies to our qemu machines we use for testing as way of handling this? Cheers, Richard
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198701): https://lists.openembedded.org/g/openembedded-core/message/198701 Mute This Topic: https://lists.openembedded.org/mt/105595459/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
