1235253 – [PKI] ssh-keygen certificate enrollment has different cmdline in rhel-6 than upstream and rhel-7

Bug 1235253 - [PKI] ssh-keygen certificate enrollment has different cmdline in rhel-6 than upstream and rhel-7

Summary: [PKI] ssh-keygen certificate enrollment has different cmdline in rhel-6 than ...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	ovirt-engine
Classification:	oVirt
Component:	PKI
Sub Component:
Version:	3.6.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	ovirt-3.6.0-rc
Target Release:	3.6.0
Assignee:	Yaniv Kaul
QA Contact:	Lukas Svaty
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-06-24 12:11 UTC by Max Kovgan
Modified:	2016-02-10 12:58 UTC (History)
CC List:	10 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-02-10 12:58:34 UTC
oVirt Team:	Infra
Embargoed:
Dependent Products:
Flags:	rule-engine: ovirt-3.6.0+ ylavi: planning_ack+ rule-engine: devel_ack+ pstehlik: testing_ack+

Attachments	(Terms of Use)
engine sosreport (7.14 MB, application/octet-stream) 2015-06-24 12:15 UTC, Max Kovgan	no flags	Details
host sosreport (5.48 MB, application/octet-stream) 2015-06-24 12:16 UTC, Max Kovgan	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
oVirt gerrit	42807	0	master	MERGED	pki: openssh: workaround rhel-6 keygen incompatibility	Never

Description Max Kovgan 2015-06-24 12:11:41 UTC

Description of problem:

when trying to add a host on rhel6.7, with ovirt-engine:
ovirt-engine-3.6.0-0.0.master.20150622174128.gitd7d1d87.el6.noarch
via web admin, add-host operation fails with error in the events:
	
2015-Jun-24, 14:33 Host nari13 installation failed. OpenSSH certificate enrollment failed.

Version-Release number of selected component (if applicable):


How reproducible:
after running engine-setup, try adding rhel7 host

Steps to Reproduce:
1. install ovirt-engine ovirt-engine-dwh, ovirt-engine-reports
2. add host
3.

Actual results:
add host fails.

Expected results:
add host works.


Additional info:

Comment 1 Alon Bar-Lev 2015-06-24 12:15:21 UTC

OK:
ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals] [-O option] [-V validity_interval] [-z serial_number] file ...

rhel-6:
     ssh-keygen -s ca_key -I certificate_identity [-h] [-Z principals] [-O option] [-V validity_interval] [-z serial_number] file ...

Comment 2 Max Kovgan 2015-06-24 12:15:57 UTC

Created attachment 1042711 [details]
engine sosreport

Comment 3 Max Kovgan 2015-06-24 12:16:43 UTC

Created attachment 1042712 [details]
host sosreport

Comment 4 Max Kovgan 2015-06-28 14:13:47 UTC

ovirt-3.6.0-3 release

Comment 7 Lukas Svaty 2016-01-21 13:56:22 UTC

verified in rhevm-3.6.2.6-0.1.el6.noarch

Note You need to log in before you can comment on or make changes to this bug.