1838159 – [RFE] Upgrade apache-sshd to 2.5.0 to allow RSA-SHA256 and RSA-SHA512 public keys

Bug 1838159 - [RFE] Upgrade apache-sshd to 2.5.0 to allow RSA-SHA256 and RSA-SHA512 public keys

Summary: [RFE] Upgrade apache-sshd to 2.5.0 to allow RSA-SHA256 and RSA-SHA512 public ...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	ovirt-engine
Classification:	oVirt
Component:	Backend.Core
Sub Component:
Version:	4.3.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	medium
Target Milestone:	ovirt-4.4.1
Target Release:	4.4.1.5
Assignee:	Martin Perina
QA Contact:	Pavol Brilla
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-05-20 14:45 UTC by Martin Perina
Modified:	2020-08-20 09:01 UTC (History)
CC List:	5 users (show)
Fixed In Version:	ovirt-engine-4.4.1.5
Doc Type:	Release Note
Doc Text:	With this release, you can add hosts to RHV Manager that do not provide standard rsa-sha-1 SSH public keys but only provide rsa-sha256/rsa-sha-512 SSH public keys instead, such as CentOS 8 hosts with FIPS hardening enabled.
Clone Of:
Environment:
Last Closed:	2020-08-05 06:25:24 UTC
oVirt Team:	Infra
Embargoed:
Dependent Products:
Flags:	pm-rhel: ovirt-4.4+ mtessun: blocker+ mtessun: planning_ack+ mperina: devel_ack+ lleistne: testing_ack+

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
oVirt gerrit	109225	0	master	MERGED	core: Bump apache-sshd to 2.5.0	2021-02-20 03:40:10 UTC
oVirt gerrit	109226	0	master	MERGED	core: Allow RSA-SHA256 and RSA-SHA512 SSH public keys	2021-02-20 03:40:10 UTC

Description Martin Perina 2020-05-20 14:45:23 UTC

Upgrade apache-sshd to 2.4.0 to allow RSA-SHA256 and RSA-SHA512 public keys, which is required to connect to EL8 host with FIPS security hardening enabled

Comment 1 Martin Perina 2020-06-09 08:00:40 UTC

apache-sshd-2.4.0 has a bug which prevents using ssh-rsa-2, but it's already fixed on current master. New release 2.5.0, should come soon

Comment 5 Sandro Bonazzola 2020-08-05 06:25:24 UTC

This bugzilla is included in oVirt 4.4.1 release, published on July 8th 2020.

Since the problem described in this bug report should be resolved in oVirt 4.4.1 release, it has been closed with a resolution of CURRENT RELEASE.

If the solution does not work for you, please open a new bug report.

Note You need to log in before you can comment on or make changes to this bug.