Issue #18253 has been updated by eric sorenson.

Status changed from Accepted to Needs More Information
Assignee set to Michael Henry

I've put this ticket's status into "Needs more Information" and assigned it to 
you. Please either (a) update it with the information I've requested and 
re-assign it to me if you need more help, or (b) change the status to "Closed" 
if you were able to resolve the issue on your own. 
----------------------------------------
Bug #18253: $ecdsakey fact does not represent specific key type
https://projects.puppetlabs.com/issues/18253#change-79725

Author: Michael Henry
Status: Needs More Information
Priority: Normal
Assignee: Michael Henry
Category: 
Target version: 
Keywords: ssh, ecdsa, ecdsakey, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
Branch: 
Affected Facter version: 


There are 5 types of SSH keys:  rsa, dsa, ecdsa-sha2-nistp256, 
ecdsa-sha2-nistp384, and ecdsa-sha2-nistp521

So puppet already accounts for the three different ecdsa keytypes, but puts 
them into one fact $ecdsakey

So when doing something like this:

    @@sshkey { "${::fqdn}_ecdsa":
      host_aliases => $host_aliases,
      type         => ecdsa-sha2-nistp256,
      key          => $::sshecdsakey,
    }

It puts the wrong keytype in known_hosts if the key is 384 or 512 bits.  

Suggest adding a fact for $ecdsatype or similar when the key is detected.

(RSA and DSA keys can be various sizes and they will always be RSA and DSA... 
but if you change the size of the ecdsa key size it changes the keytype.  
Don't ask me why.)
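
The key type does not have to be hard-coded: in the SSH public key format, the base64 blob itself starts with a length-prefixed string naming the type. The Ruby sketch below is an added example, not part of the ticket or of Facter's code; the function names are hypothetical, the sample blobs are constructed placeholders rather than real keys, and it assumes the fact value is either the bare blob or a full "type blob comment" line.

```ruby
require 'base64'

# ECDSA key type names listed in the ticket.
ECDSA_TYPES = %w[ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521].freeze

# Read one SSH wire-format string: 4-byte big-endian length, then that many bytes.
def read_ssh_string(blob, offset)
  raise ArgumentError, 'truncated length field' if blob.bytesize < offset + 4
  len = blob.byteslice(offset, 4).unpack1('N')
  raise ArgumentError, 'truncated string' if blob.bytesize < offset + 4 + len
  [blob.byteslice(offset + 4, len), offset + 4 + len]
end

# Return the key type embedded in the key blob (hypothetical helper).
# Accepts a bare base64 blob or a whole .pub line ("type blob [comment]").
def ssh_key_type(pub_line)
  fields = pub_line.strip.split(/\s+/)
  b64 = fields.length == 1 ? fields[0] : fields[1]
  blob = Base64.strict_decode64(b64) # raises ArgumentError on bad base64
  type, = read_ssh_string(blob, 0)
  type
end

# Return the ECDSA key type, or nil when the key is not ECDSA.
def ecdsa_key_type(pub_line)
  type = ssh_key_type(pub_line)
  ECDSA_TYPES.include?(type) ? type : nil
end

# Constructed sample blob: type, curve name, and a placeholder point.
# The point bytes are filler, so this is not a usable key.
def sample_blob(type, curve)
  point = "\x04".b + ("\x00".b * 8)
  wire = [type, curve, point].map { |s| [s.bytesize].pack('N') + s.b }.join
  Base64.strict_encode64(wire)
end

if __FILE__ == $PROGRAM_NAME
  blob = sample_blob('ecdsa-sha2-nistp384', 'nistp384')
  puts ecdsa_key_type(blob)
end
```

A value derived this way could feed the sshkey resource's type parameter in place of the fixed ecdsa-sha2-nistp256 string.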

