Force the format of ssh key to PEM, at least for now
Unfortunately it is not possible to switch to the new, more secure, native format of OpenSSH >=6.5, because paramiko does not support it: https://github.com/paramiko/paramiko/issues/602 A similar change has been applied to sahara some time ago: https://review.opendev.org/605028 Story: 2003674 Task: 35983 Change-Id: I5683245c0a9373e299a647f7f61d3e6a2de284e6
This commit is contained in:
parent
994b21aacd
commit
9f57fcaa9f
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
Force the PEM format for the generated ssh keys,
|
||||
because paramiko does not yet support the new one
|
||||
(https://github.com/paramiko/paramiko/issues/602).
|
|
@ -35,10 +35,14 @@ def generate_key_pair(key_length=2048):
|
|||
"""
|
||||
with tempfiles.tempdir() as tmpdir:
|
||||
keyfile = os.path.join(tmpdir, 'tempkey')
|
||||
# The key is generated in the old PEM format, instead of the native
|
||||
# format of OpenSSH >=6.5, because paramiko does not support it:
|
||||
# https://github.com/paramiko/paramiko/issues/602
|
||||
args = [
|
||||
'ssh-keygen',
|
||||
'-q', # quiet
|
||||
'-N', '', # w/o passphrase
|
||||
'-m', 'PEM', # old PEM format
|
||||
'-t', 'rsa', # create key of rsa type
|
||||
'-f', keyfile, # filename of the key file
|
||||
'-C', 'Generated-by-Sahara' # key comment
|
||||
|
|
Loading…
Reference in New Issue