Let sshd use ecdsa and ed25519 host keys
It seems that our nodepool is configured with the ecdsa and ed25519 host keys from the nodepool nodes, but not the rsa or dsa keys. This is a problem when we try to test our puppet SSH configuration in CI, because the puppet module removes the ability for the Zuul executor to reach the node and perform cleanup tasks after the tests have completed. This patch adds back the HostKey settings that the nodepool images started out with. This should not affect the puppetmaster's or a rooter's ability to log into production servers that are already using an rsa host key. Change-Id: I150b76a632398d0a6f00d5b98ad7277c62377601
This commit is contained in:
parent
685291c29e
commit
277e41829d
@ -10,6 +10,8 @@ Protocol 2
|
|||||||
# HostKeys for protocol version 2
|
# HostKeys for protocol version 2
|
||||||
HostKey /etc/ssh/ssh_host_rsa_key
|
HostKey /etc/ssh/ssh_host_rsa_key
|
||||||
HostKey /etc/ssh/ssh_host_dsa_key
|
HostKey /etc/ssh/ssh_host_dsa_key
|
||||||
|
HostKey /etc/ssh/ssh_host_ecdsa_key
|
||||||
|
HostKey /etc/ssh/ssh_host_ed25519_key
|
||||||
#Privilege Separation is turned on for security
|
#Privilege Separation is turned on for security
|
||||||
UsePrivilegeSeparation yes
|
UsePrivilegeSeparation yes
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user