puppet-octavia

ssh-rsa key is no longer allowed in CentOS 9

Bug #1986651 reported by Takashi Kajinami on 2022-08-16

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	puppet-octavia	Fix Released	Medium	Takashi Kajinami

Bug Description

The octavia::worker class generates the ssh key for amphora instances when the manage_keygen parameter is set to True.

However currently the ssh key is always generated with rsa type which is no longer allowed in CentOS 9.

Takashi Kajinami (kajinamit) on 2022-08-16

Changed in puppet-octavia:
importance:	Undecided → Medium
assignee:	nobody → Takashi Kajinami (kajinamit)

OpenStack Infra (hudson-openstack) on 2022-08-16

Changed in puppet-octavia:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-08-16: Fix merged to puppet-octavia (master)

Reviewed: https://review.opendev.org/c/openstack/puppet-octavia/+/853253
Committed: https://opendev.org/openstack/puppet-octavia/commit/b14e9337f27cb03155bc78ff2ff46cfb917f0a36
Submitter: "Zuul (22348)"
Branch: master

commit b14e9337f27cb03155bc78ff2ff46cfb917f0a36
Author: Takashi Kajinami <email address hidden>
Date: Tue Aug 16 17:42:26 2022 +0900

Bump upper version of puppet-ssh_keygen

    Depends-on: https://review.opendev.org/853228
    Partial-Bug: #1986651
    Change-Id: Id47f00be1172844a383a2b470cbbb42036d6ada7

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-08-17:

Reviewed: https://review.opendev.org/c/openstack/puppet-octavia/+/853229
Committed: https://opendev.org/openstack/puppet-octavia/commit/fcd1225ae6c2d4ca546a71a63c7cc0eadb2a3a1f
Submitter: "Zuul (22348)"
Branch: master

commit fcd1225ae6c2d4ca546a71a63c7cc0eadb2a3a1f
Author: Takashi Kajinami <email address hidden>
Date: Tue Aug 16 16:28:02 2022 +0900

Support customizing ssh key type

    This change introduces a few new parameters to customize type of
    the ssh key automatically generated. This is required especially in
    recent operating systems like CentOS 9 which no longer allow RSA key
    by default.

Closes-Bug: #1986651
Change-Id: I73f8b584ac228a0ba65b531c2e8d9f6495d63ad2

Changed in puppet-octavia:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-10-20: Fix included in openstack/puppet-octavia 21.0.0

This issue was fixed in the openstack/puppet-octavia 21.0.0 release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.