Skip to content

Add checking of bastion host

Rasmus Dahlberg requested to merge rgdd/bastion into sigsum

Tested my branch on tee.sigsum.org as follows:

$ sudo -u sigsumchecker /var/sigsumchecker/usr/src/checker.testing/main.py -m cron -c hour --nomail
$ sudo -u sigsumchecker /var/sigsumchecker/usr/src/checker.testing/main.py -m cron -c day --nomail

Works.

When I stop my witness the hour job gets an error as expected.

I also (manually) tried changing the bastion DNS name to something invalid, just to see that the hour job which expects to find a certificate then fails as expected.

So, seems to be working!

Merge request reports