Bug 1653229 - [RFE] Add SSH Keypair credentials for VMware hosts
Summary: [RFE] Add SSH Keypair credentials for VMware hosts
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS
Version: 5.10.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: GA
: 5.11.z
Assignee: Milan Zázrivec
QA Contact: Nandini Chandra
Red Hat CloudForms Documentation
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-11-26 10:28 UTC by Fabien Dupont
Modified: 2023-09-14 04:42 UTC (History)
14 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-07-17 13:57:22 UTC
Category: ---
Cloudforms Team: VMware
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Fabien Dupont 2018-11-26 10:28:18 UTC
VMware hosts may be configured with an SSH key pair for remote login. The ssh_keypair authentication type exists in CloudForms. Enabling it for the VMware hosts would extend the connection capabilities.

Comment 2 Adam Grare 2018-11-26 20:44:05 UTC
@Fabien what do you mean by "Enabling it for the VMware hosts would extend the connection capabilities." ?

The backend is flexible, you can add an SSH key to any host if you want:

>> host = ManageIQ::Providers::Vmware::InfraManager::HostEsx.first
>> host.update_authentication(:remote => {:auth_key => "ssh-rsa [snip] agrare", :userid => "agrare.com"})
>> host.authentication_check(:remote)
=> [false, "Login failed due to a bad username or password."] # Note I didn't actually add my ssh key but it really did check

Or do you mean add the ability to add an ssh key from the UI?  If so this sounds like a UI RFE not a providers RFE.

Comment 3 Fabien Dupont 2018-11-26 20:50:12 UTC
You're right. I mean from the UI, as it's the most common interaction. Will change the component.

Comment 4 Dave Johnson 2018-11-29 04:45:47 UTC
Please assess the impact of this issue and update the severity accordingly.  Please refer to https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity for a reminder on each severity's definition.

If it's something like a tracker bug where it doesn't matter, please set the severity to Low.

Comment 12 Fabien Dupont 2020-03-18 07:45:26 UTC
What is the current remote auth type ? Isn't it already SSH ? IIUC, the choice is between password and auth_key, rather than protocol.

Comment 13 Martin Maroši 2020-03-31 07:26:52 UTC
Yes, the remote is already SSH already.

Comment 14 Fabien Dupont 2020-03-31 09:02:25 UTC
My understanding is that the names of the authentications are more "purposes". The protocol will vary:

- remote : SSH with userid/password
- remote with key: SSH with userid/private key
- IPMI: IPMI with userid/password

We could imagine more purposes, like:

- ansible: SSH with userid/password
- ansible escalated: SSH with userid/password and escalation parameters
- SSA: VDDK with userid/password

Comment 15 Red Hat Bugzilla 2023-09-14 04:42:47 UTC
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days


Note You need to log in before you can comment on or make changes to this bug.