ubuntu_kvm_smoke_test fail with FIPS kernel (dsa keys not allowed)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ubuntu-kernel-tests |
New
|
Undecided
|
Unassigned |
Bug Description
After enabling the fips-dev ppa and using user-space tool there. The ubuntu_
+ uvt-kvm create bjf-test release=bionic arch=s390x
DSA keys are not allowed in FIPS mode
Take a closer look inside /usr/lib/
From ssh.py, you will find it will try to generate 4 different key types, includes "dsa":
KEY_TYPES = ['rsa', 'dsa', 'ecdsa', 'ed25519']
...
def generate_
cloud_
known_
tmp_dir = tempfile.
try:
for key_type in KEY_TYPES:
summary: |
- ubuntu_kvm_smoke_test fail with B-FIPS kernel (dsa keys not allowed) + ubuntu_kvm_smoke_test fail with FIPS kernel (dsa keys not allowed) |
tags: | added: jammy sru-20240429 |
We will need to backport fix for https:/ /bugs.launchpad .net/bugs/ 1936473 to uvtool on bionic. /code.launchpad .net/~paelzer/ uvtool/ +git/uvtool/ +merge/ 405796
https:/