Force the format of ssh key to PEM, at least for now

Unfortunately it is not possible to switch to the new, more secure, native
format of OpenSSH >=6.5, because paramiko does not support it:
https://github.com/paramiko/paramiko/issues/602

This change should fix the unit test (and probably the behavior)
when sahara services are executed on distributions which ships
OpenSSL 1.1 and which switched to the new format by default
(at least the current Debian Sid and Fedora 28).

Story: 2003674
Task: 26193
Change-Id: I51c8daebe42345ee5d610356d2c1710a069f0355
This commit is contained in:
Luigi Toscano 2018-09-25 14:37:04 +02:00
parent b03b5ebbe8
commit e0fd845de1
1 changed files with 4 additions and 0 deletions

View File

@ -36,10 +36,14 @@ def generate_key_pair(key_length=2048):
"""
with tempfiles.tempdir() as tmpdir:
keyfile = os.path.join(tmpdir, 'tempkey')
# The key is generated in the old PEM format, instead of the native
# format of OpenSSH >=6.5, because paramiko does not support it:
# https://github.com/paramiko/paramiko/issues/602
args = [
'ssh-keygen',
'-q', # quiet
'-N', '', # w/o passphrase
'-m', 'PEM', # old PEM format
'-t', 'rsa', # create key of rsa type
'-f', keyfile, # filename of the key file
'-C', 'Generated-by-Sahara' # key comment