Refactor the SSH field in v1alpha2 #185

luxas · 2019-07-15T20:56:22Z

Remove the custom marshaller/unmarshaller, for more ease of use
Add the option to specify key algorithm (Changing the ssh key gen algorithm for FIPS machines #136)
Add validation

luxas · 2019-08-08T13:40:04Z

In FIPS-enabled machines the ed25519 key generation algorithm is unavailable, so they need to use rsa.

Let the user specify the algorithm to use via a flag during VM creation
Improve autodetection for FIPS machines to automatically switch over to rsa
Enforce a specific key length (between 2048 and 4096) when using rsa

We'll most likely fix this in v1alpha2, but I'm not certain we have the time.
I'm not sure if we should keep the auto-detection of the SSH key algorithm, or just "blindly" use what we got from the API. An other alternative would be to try to generate an ed25519 key and if that fails, fallback on rsa.
Anyways, this code needs some love.

luxas · 2019-08-09T08:53:22Z

After thinking about this, it's not high-priority enough to do in v1alpha2 / v0.5.0. Moving to v1alpha3.

luxas added api/v1alpha2 kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API priority/backlog Higher priority than priority/awaiting-more-evidence. labels Jul 15, 2019

luxas modified the milestones: v0.5.0, v1alpha2 Jul 15, 2019

luxas mentioned this issue Aug 8, 2019

Flag for setting the SSH key generation algorithm #152

Closed

luxas modified the milestones: v1alpha2, v1alpha3 Aug 9, 2019

luxas added api/v1alpha3 and removed api/v1alpha2 labels Aug 9, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Refactor the SSH field in v1alpha2 #185

Refactor the SSH field in v1alpha2 #185

luxas commented Jul 15, 2019

luxas commented Aug 8, 2019

luxas commented Aug 9, 2019

Refactor the SSH field in v1alpha2 #185

Refactor the SSH field in v1alpha2 #185

Comments

luxas commented Jul 15, 2019

luxas commented Aug 8, 2019

luxas commented Aug 9, 2019