[ https://issues.apache.org/jira/browse/CLOUDSTACK-10213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16317841#comment-16317841 ]
ASF GitHub Bot commented on CLOUDSTACK-10213: --------------------------------------------- rhtyd closed pull request #2389: CLOUDSTACK-10213: Allow specify SSH key lengh URL: https://github.com/apache/cloudstack/pull/2389 This is a PR merged from a forked repository. As GitHub hides the original diff on merge, it is displayed below for the sake of provenance: As this is a foreign pull request (from a fork), the diff is supplied below (as it won't show otherwise due to GitHub magic): diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java index c855c34b60f..855a43e9f7a 100644 --- a/server/src/com/cloud/server/ManagementServerImpl.java +++ b/server/src/com/cloud/server/ManagementServerImpl.java @@ -696,6 +696,8 @@ static final ConfigKey<Integer> vmPasswordLength = new ConfigKey<Integer>("Advanced", Integer.class, "vm.password.length", "6", "Specifies the length of a randomly generated password", false); + static final ConfigKey<Integer> sshKeyLength = new ConfigKey<Integer>("Advanced", Integer.class, "ssh.key.length", + "2048", "Specifies custom SSH key length (bit)", true, ConfigKey.Scope.Global); @Inject public AccountManager _accountMgr; @Inject @@ -3045,7 +3047,7 @@ public String getConfigComponentName() { @Override public ConfigKey<?>[] getConfigKeys() { - return new ConfigKey<?>[] {vmPasswordLength}; + return new ConfigKey<?>[] {vmPasswordLength, sshKeyLength}; } protected class EventPurgeTask extends ManagedContextRunnable { @@ -3577,7 +3579,7 @@ public SSHKeyPair createSSHKeyPair(final CreateSSHKeyPairCmd cmd) { throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists."); } - final SSHKeysHelper keys = new SSHKeysHelper(); + final SSHKeysHelper keys = new SSHKeysHelper(sshKeyLength.value()); final String name = cmd.getName(); final String publicKey = keys.getPublicKey(); 
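Review bot: The new `ssh.key.length` value is passed straight from `sshKeyLength.value()` into `new SSHKeysHelper(...)` in `createSSHKeyPair` with no range check, and the key appears to be declared dynamic with global scope in the first hunk. A configuration edit to 512 or 1024 would therefore quietly bring back the weak RSA keys this change is meant to retire. A very large value would make every key-pair request expensive on the management server. Enforce a floor (and a sensible ceiling) at the point of use, for example `final int keyLength = Math.max(2048, sshKeyLength.value());`, and state the accepted range in the description string, e.g. `"Specifies the RSA key length in bits for generated SSH key pairs (minimum 2048)"`. The body of `createSSHKeyPair` continues outside the hunk, so whether later code would catch a bad value cannot be seen here.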
diff --git a/utils/src/main/java/com/cloud/utils/ssh/SSHKeysHelper.java b/utils/src/main/java/com/cloud/utils/ssh/SSHKeysHelper.java index 39db5c46c1b..f80baaf47a1 100644 --- a/utils/src/main/java/com/cloud/utils/ssh/SSHKeysHelper.java +++ b/utils/src/main/java/com/cloud/utils/ssh/SSHKeysHelper.java @@ -43,9 +43,9 @@ private static String toHexString(byte[] b) { return sb.toString(); } - public SSHKeysHelper() { + public SSHKeysHelper(Integer keyLength) { try { - keyPair = KeyPair.genKeyPair(new JSch(), KeyPair.RSA); + keyPair = KeyPair.genKeyPair(new JSch(), KeyPair.RSA, keyLength); } catch (JSchException e) { e.printStackTrace(); } ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Allow specify SSH key lengh > --------------------------- > > Key: CLOUDSTACK-10213 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10213 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) > Reporter: Dmytro Shevchenko > > SSH keys generated by the ACS are only 1024 bit (RSA). The common standard is > now at least 2048 bit. > decompiled com.jcraft.jsch.KeyPair: > {code:java} > public static KeyPair genKeyPair(JSch jsch, int type) throws > JSchException { > return genKeyPair(jsch, type, 1024); > } > public static KeyPair genKeyPair(JSch jsch, int type, int key_size) > throws JSchException { > KeyPair kpair = null; > .... > {code} -- This message was sent by Atlassian JIRA (v6.4.14#64029)
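Review bot: `SSHKeysHelper(Integer keyLength)` takes a boxed `Integer` that is auto-unboxed in the `genKeyPair` call, so a null argument throws a `NullPointerException` that the `catch (JSchException e)` does not cover; declare the parameter as `int keyLength`. The constructor also accepts any size. If JSch rejects one, the failure only goes to `e.printStackTrace()` and `keyPair` is never assigned, so callers would presumably fail later in `getPublicKey()` instead of at construction. Rethrowing would surface it at the source, e.g. `throw new IllegalStateException("Cannot generate RSA key pair of length " + keyLength, e);`. The no-arg constructor is removed outright, so any caller not shown in this diff stops compiling; keeping `public SSHKeysHelper() { this(2048); }` would preserve compatibility with a safe default.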