Skip to content

CLOUDSTACK-10213: Allow specify SSH key lengh#2389

Merged
yadvr merged 1 commit intomasterfrom
unknown repository
Jan 9, 2018
Merged

CLOUDSTACK-10213: Allow specify SSH key lengh#2389
yadvr merged 1 commit intomasterfrom
unknown repository

Conversation

@dmytro-shevchenko
Copy link
Contributor

@dmytro-shevchenko dmytro-shevchenko commented Jan 5, 2018

SSH keys generated by the ACS are only 1024 bit (RSA). The common standard is now at least 2048 bit.
https://issues.apache.org/jira/browse/CLOUDSTACK-10213

yadvr
yadvr reviewed Jan 5, 2018
View reviewed changes
server/src/com/cloud/configuration/Config.java Outdated
"5",
"Incorrect login attempts allowed before the user is disabled",
null),
SSHKeyLength(
Copy link
Member

@yadvr yadvr Jan 5, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please remove from here, this is deprecated. The use of ConfigKey is alright.

@yadvr yadvr added this to the 4.11 milestone Jan 5, 2018
DaanHoogland
DaanHoogland requested changes Jan 5, 2018
View reviewed changes
Copy link
Contributor

@DaanHoogland DaanHoogland left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We are mixing old and new style configuration methods here. Please use purely the new style.

server/src/com/cloud/server/ManagementServerImpl.java Outdated

static final ConfigKey<Integer> vmPasswordLength = new ConfigKey<Integer>("Advanced", Integer.class, "vm.password.length", "6",
"Specifies the length of a randomly generated password", false);
static final ConfigKey<Integer> SSHKeyLength = new ConfigKey<Integer>("Advanced", Integer.class, "ssh.key.length",
Copy link
Contributor

@DaanHoogland DaanHoogland Jan 5, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This configkey must be published in a getConfigKeys() implementation

@yadvr yadvr removed this from the 4.11 milestone Jan 6, 2018
@dmytro-shevchenko
Copy link
Contributor Author

dmytro-shevchenko commented Jan 8, 2018

PR updated, new style configuration methods used. Variable scope changed to "Account".

@DaanHoogland
Copy link
Contributor

DaanHoogland commented Jan 8, 2018

Can you give a rationale as to why account scope, @dmytro-shevchenko ? Nowadays you can also use domain scope and for this even global would make sense.

bwsw
bwsw reviewed Jan 8, 2018
View reviewed changes
utils/src/main/java/com/cloud/utils/ssh/SSHKeysHelper.java Outdated
}

public SSHKeysHelper() {
public SSHKeysHelper(Integer keyLenght) {
Copy link
Contributor

@bwsw bwsw Jan 8, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a typo. ShouldBe keyLength.

server/src/com/cloud/server/ManagementServerImpl.java Outdated
static final ConfigKey<Integer> vmPasswordLength = new ConfigKey<Integer>("Advanced", Integer.class, "vm.password.length", "6",
"Specifies the length of a randomly generated password", false);
static final ConfigKey<Integer> sshKeyLength = new ConfigKey<Integer>("Advanced", Integer.class, "ssh.key.length",
"2048", "User SSH key length (bit)", true, ConfigKey.Scope.Account);
Copy link
Contributor

@bwsw bwsw Jan 8, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might the description be more meaningful for average user, like "Specifies minimal? amount of SSH key length permitted". Could you please take a look at this. May be it can be improved.

@dmytro-shevchenko
Copy link
Contributor Author

dmytro-shevchenko commented Jan 8, 2018

Reasonable, PR updated. Global scope for variable, description a little bit updated. This can be only exactly key length, not minimal.

@DaanHoogland DaanHoogland added this to the 4.11 milestone Jan 8, 2018
@yadvr
Copy link
Member

yadvr commented Jan 8, 2018

@blueorangutan package

@blueorangutan
Copy link

blueorangutan commented Jan 8, 2018

@rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

@blueorangutan
Copy link

blueorangutan commented Jan 8, 2018

Packaging result: ✔centos6 ✔centos7 ✔debian. JID-1622

@yadvr
Copy link
Member

yadvr commented Jan 8, 2018

@blueorangutan test

@blueorangutan
Copy link

blueorangutan commented Jan 8, 2018

@rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

@blueorangutan
Copy link

blueorangutan commented Jan 9, 2018

Trillian test result (tid-2079)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 24727 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2389-t2079-kvm-centos7.zip
Smoke tests completed. 67 look OK, 0 have error(s)
Only failed tests results shown below:

Test Result Time (s) Test File

@yadvr
Copy link
Member

yadvr commented Jan 9, 2018

Tests ltgm, merging this based on code reviews and tests.

@yadvr yadvr merged commit 0d0fa5e into apache:master Jan 9, 2018
@dmytro-shevchenko dmytro-shevchenko deleted the CLOUDSTACK-10213 branch January 9, 2018 10:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yadvr yadvr yadvr approved these changes

@DaanHoogland DaanHoogland DaanHoogland approved these changes

+1 more reviewer

@bwsw bwsw bwsw left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

4.11.0.0

Development

Successfully merging this pull request may close these issues.

5 participants

@dmytro-shevchenko @DaanHoogland @yadvr @blueorangutan @bwsw