Bug 2129873

Summary: Sync on final OpenSSH option name RequiredRSASize in ssh and sshd roles
Product: Red Hat Enterprise Linux 9 Reporter: Jakub Jelen <jjelen>
Component: rhel-system-rolesAssignee: Rich Megginson <rmeggins>
Status: CLOSED ERRATA QA Contact: Jakub Haruda <jharuda>
Severity: high Docs Contact: Gabi Fialová <gfialova>
Priority: high    
Version: 9.1CC: bfinger, gfialova, jharuda, nhosoi, pvlasin, rmeggins, spetrosi
Target Milestone: rcKeywords: Triaged
Target Release: 9.1Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: role:ssh,role:sshd
Fixed In Version: rhel-system-roles-1.20.1-1.el9_1 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of:
: 2129875 2130969 (view as bug list) Environment:
Last Closed: 2022-11-15 10:24:25 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2129875, 2130969    

Description Jakub Jelen 2022-09-26 14:06:15 UTC 
Description of problem:
The Openssh on last minute changed the configuration option handling minimum RSA Key size from RSAMinSize to RequiredRSASize, see the exception bug #2128245.

The change is backward compatible so the old option keeps working for anyone who would need that, but as system roles document and expose the configuration options, the behaviour would be unexpected as only the undocumented option would work.

Version-Release number of selected component (if applicable):
unreleased 9.1 version of system roles

How reproducible:
always

Steps to Reproduce:
1. Configure ssh/sshd role with RequiredRSASize option

Actual results:
The option RequiredRSASize will not be in resulting configuration and will not be effective

Expected results:
The RequiredRSASize will be in generated configuration files

Additional info:
The upstream PRs solving this problem:
https://github.com/linux-system-roles/ssh/pull/53
https://github.com/willshersystems/ansible-sshd/pull/206
Comment 19 errata-xmlrpc 2022-11-15 10:24:25 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (rhel-system-roles bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2022:8117