Add type to allow ECDSA keys
Some tempest tests will fail under FIPS because they are trying to ssh to a cirrus instance that has a version of dropbear that does not support signatures other than using SHA-1 for RSA keys. This is not allowed under FIPS. The workaround until cirros is updated is to use ECDSA keys. This patch allows the key type to be specified. Depends-On: https://review.opendev.org/c/openstack/tempest/+/807465 Change-Id: I34ac429ab5442cef056ee8b63fcb2ba41e8b9b27
This commit is contained in:
parent
7de0490e79
commit
d0ea406ee4
|
@ -185,7 +185,8 @@ class ActiveStandbyIptablesScenarioTest(
|
|||
ssh_key = cls._get_amphora_ssh_key()
|
||||
linux_client = remote_client.RemoteClient(
|
||||
amp['lb_network_ip'], CONF.load_balancer.amphora_ssh_user,
|
||||
pkey=ssh_key)
|
||||
pkey=ssh_key,
|
||||
ssh_key_type=CONF.validation.ssh_key_type)
|
||||
linux_client.validate_authentication()
|
||||
|
||||
# Allow logging from non-init namespaces
|
||||
|
@ -202,7 +203,8 @@ class ActiveStandbyIptablesScenarioTest(
|
|||
def _has_vip_traffic(cls, ip_address, log_prefix):
|
||||
ssh_key = cls._get_amphora_ssh_key()
|
||||
linux_client = remote_client.RemoteClient(
|
||||
ip_address, CONF.load_balancer.amphora_ssh_user, pkey=ssh_key)
|
||||
ip_address, CONF.load_balancer.amphora_ssh_user, pkey=ssh_key,
|
||||
ssh_key_type=CONF.validation.ssh_key_type)
|
||||
linux_client.validate_authentication()
|
||||
|
||||
try:
|
||||
|
|
|
@ -981,7 +981,8 @@ class LoadBalancerBaseTestWithCompute(LoadBalancerBaseTest):
|
|||
local_file = CONF.load_balancer.test_server_path
|
||||
|
||||
linux_client = remote_client.RemoteClient(
|
||||
ip_address, CONF.validation.image_ssh_user, pkey=ssh_key)
|
||||
ip_address, CONF.validation.image_ssh_user, pkey=ssh_key,
|
||||
ssh_key_type=CONF.validation.ssh_key_type)
|
||||
linux_client.validate_authentication()
|
||||
|
||||
with tempfile.NamedTemporaryFile() as key:
|
||||
|
@ -1036,7 +1037,8 @@ class LoadBalancerBaseTestWithCompute(LoadBalancerBaseTest):
|
|||
def _enable_ipv6_nic_webserver(cls, ip_address, ssh_key,
|
||||
ipv6_address, ipv6_prefix):
|
||||
linux_client = remote_client.RemoteClient(
|
||||
ip_address, CONF.validation.image_ssh_user, pkey=ssh_key)
|
||||
ip_address, CONF.validation.image_ssh_user, pkey=ssh_key,
|
||||
ssh_key_type=CONF.validation.ssh_key_type)
|
||||
linux_client.validate_authentication()
|
||||
|
||||
linux_client.exec_command('sudo ip address add {0}/{1} dev '
|
||||
|
|
Loading…
Reference in New Issue