1 files changed, 0 insertions, 114 deletions

diff --git a/tests/test_transport.py b/tests/test_transport.py
index ee00830a..d8b6cb99 100644
--- a/tests/test_transport.py
+++ b/tests/test_transport.py
@@ -36,7 +36,6 @@ from paramiko import (
     Packetizer,
     RSAKey,
     SSHException,
-    AuthenticationException,
     IncompatiblePeer,
     SecurityOptions,
     Transport,
@@ -64,8 +63,6 @@ from ._util import (
     server,
     _disable_sha2,
     _disable_sha1,
-    _disable_sha2_pubkey,
-    _disable_sha1_pubkey,
     TestServer as NullServer,
 )
 from ._loop import LoopSocket
@@ -1216,114 +1213,3 @@ class TestExtInfo(unittest.TestCase):
             # Client settled on 256 despite itself not having 512 disabled (and
             # otherwise, 512 would have been earlier in the preferred list)
             assert tc._agreed_pubkey_algorithm == "rsa-sha2-256"
-
-
-# TODO: these could move into test_auth.py but that badly needs refactoring
-# with this module anyways...
-class TestSHA2SignaturePubkeys(unittest.TestCase):
-    def test_pubkey_auth_honors_disabled_algorithms(self):
-        privkey = RSAKey.from_private_key_file(_support("rsa.key"))
-        with server(
-            pubkeys=[privkey],
-            connect=dict(pkey=privkey),
-            init=dict(
-                disabled_algorithms=dict(
-                    pubkeys=["ssh-rsa", "rsa-sha2-256", "rsa-sha2-512"]
-                )
-            ),
-            catch_error=True,
-        ) as (_, _, err):
-            assert isinstance(err, SSHException)
-            assert "no RSA pubkey algorithms" in str(err)
-
-    def test_client_sha2_disabled_server_sha1_disabled_no_match(self):
-        privkey = RSAKey.from_private_key_file(_support("rsa.key"))
-        with server(
-            pubkeys=[privkey],
-            connect=dict(pkey=privkey),
-            client_init=_disable_sha2_pubkey,
-            server_init=_disable_sha1_pubkey,
-            catch_error=True,
-        ) as (tc, ts, err):
-            assert isinstance(err, AuthenticationException)
-
-    def test_client_sha1_disabled_server_sha2_disabled_no_match(self):
-        privkey = RSAKey.from_private_key_file(_support("rsa.key"))
-        with server(
-            pubkeys=[privkey],
-            connect=dict(pkey=privkey),
-            client_init=_disable_sha1_pubkey,
-            server_init=_disable_sha2_pubkey,
-            catch_error=True,
-        ) as (tc, ts, err):
-            assert isinstance(err, AuthenticationException)
-
-    @requires_sha1_signing
-    def test_ssh_rsa_still_used_when_sha2_disabled(self):
-        privkey = RSAKey.from_private_key_file(_support("rsa.key"))
-        # NOTE: this works because key obj comparison uses public bytes
-        # TODO: would be nice for PKey to grow a legit "give me another obj of
-        # same class but just the public bits" using asbytes()
-        with server(
-            pubkeys=[privkey], connect=dict(pkey=privkey), init=_disable_sha2
-        ) as (tc, _):
-            assert tc.is_authenticated()
-
-    @requires_sha1_signing
-    def test_first_client_preferred_algo_used_when_no_server_sig_algs(self):
-        privkey = RSAKey.from_private_key_file(_support("rsa.key"))
-        # Server pretending to be an apparently common setup:
-        # - doesn't support (or have enabled) sha2
-        # - also doesn't support (or have enabled) server-sig-algs/ext-info
-        # This is the scenario in which Paramiko has to guess-the-algo, and
-        # where servers that don't support sha2 or server-sig-algs give us
-        # trouble.
-        server_init = dict(_disable_sha2_pubkey, server_sig_algs=False)
-        with server(
-            pubkeys=[privkey],
-            connect=dict(username="slowdive", pkey=privkey),
-            server_init=server_init,
-            catch_error=True,
-        ) as (tc, ts, err):
-            assert not tc.is_authenticated()
-            assert isinstance(err, AuthenticationException)
-            # Oh no! this isn't ssh-rsa, and our server doesn't support sha2!
-            assert tc._agreed_pubkey_algorithm == "rsa-sha2-512"
-
-    def test_sha2_512(self):
-        privkey = RSAKey.from_private_key_file(_support("rsa.key"))
-        with server(
-            pubkeys=[privkey],
-            # TODO: why is this passing without a username?
-            connect=dict(pkey=privkey),
-            init=dict(
-                disabled_algorithms=dict(pubkeys=["ssh-rsa", "rsa-sha2-256"])
-            ),
-        ) as (tc, ts):
-            assert tc.is_authenticated()
-            assert tc._agreed_pubkey_algorithm == "rsa-sha2-512"
-
-    def test_sha2_256(self):
-        privkey = RSAKey.from_private_key_file(_support("rsa.key"))
-        with server(
-            pubkeys=[privkey],
-            connect=dict(pkey=privkey),
-            init=dict(
-                disabled_algorithms=dict(pubkeys=["ssh-rsa", "rsa-sha2-512"])
-            ),
-        ) as (tc, ts):
-            assert tc.is_authenticated()
-            assert tc._agreed_pubkey_algorithm == "rsa-sha2-256"
-
-    def test_sha2_256_when_client_only_enables_256(self):
-        privkey = RSAKey.from_private_key_file(_support("rsa.key"))
-        with server(
-            pubkeys=[privkey],
-            connect=dict(pkey=privkey),
-            # Client-side only; server still accepts all 3.
-            client_init=dict(
-                disabled_algorithms=dict(pubkeys=["ssh-rsa", "rsa-sha2-512"])
-            ),
-        ) as (tc, ts):
-            assert tc.is_authenticated()
-            assert tc._agreed_pubkey_algorithm == "rsa-sha2-256"