default hash function and hash format changed in OpenSSH 6.8 (ssh-keygen)
Bug #1464298 reported by
Victor Stinner
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Invalid
|
Low
|
Victor Stinner | ||
Kilo |
Fix Released
|
Low
|
Victor Stinner |
Bug Description
The following tests fail on Fedora 22 because ssh-keygen output changed in OpenSSH 6.8:
* nova.tests.
* nova.tests.
Before OpenSSH used MD5 and hex with colons to display a fingerprint. It now uses SHA256 encoded to base64:
"""
* Add FingerprintHash option to ssh(1) and sshd(8), and equivalent
command-line flags to the other tools to control algorithm used
for key fingerprints. The default changes from MD5 to SHA256 and
format from hex to base64.
"""
http://
tags: | added: crypto fedora |
tags: | added: kilo-backport-potential |
Changed in nova: | |
status: | Confirmed → In Progress |
Changed in nova: | |
assignee: | Eric Brown (ericwb) → Victor Stinner (victor-stinner) |
Changed in nova: | |
status: | In Progress → Invalid |
To post a comment you must log in.
Oh, Nova master doesn't use ssh-keygen anymore since https:/ /review. openstack. org/#/c/ 157931/ was merged?
The change was backported to Juno: https:/ /review. openstack. org/#/c/ 189814/
We need maybe also to backport it to Kilo?