diff options
| author | Zane Bitter <zbitter@redhat.com> | 2013-01-22 19:20:45 +0100 |
|---|---|---|
| committer | Zane Bitter <zbitter@redhat.com> | 2013-01-22 20:35:02 +0100 |
| commit | aa3686a86f903c3b87ea73f1784117c36b2ed6fa (patch) | |
| tree | e07ce7504f00c4243c80976fe4b867cc2030bc1d /nova/crypto.py | |
| parent | 343ba7ac288a350c0b20f0bb31a27df756259da6 (diff) | |
| download | nova-aa3686a86f903c3b87ea73f1784117c36b2ed6fa.tar.gz nova-aa3686a86f903c3b87ea73f1784117c36b2ed6fa.tar.xz nova-aa3686a86f903c3b87ea73f1784117c36b2ed6fa.zip | |
Don't limit SSH keys generation to 1024 bits
Use the default bit length of the underlying ssh-keygen command
(currently 2048) if no bit length is supplied, rather than defaulting to
1024 bits.
bug 1103130
Change-Id: Iba9d378d5bf9e28663e52180ed04c31c16d08aad
Signed-off-by: Zane Bitter <zbitter@redhat.com>
Diffstat (limited to 'nova/crypto.py')
| -rw-r--r-- | nova/crypto.py | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/nova/crypto.py b/nova/crypto.py index 68d25e650..5c48c60b6 100644 --- a/nova/crypto.py +++ b/nova/crypto.py @@ -135,13 +135,14 @@ def generate_fingerprint(public_key): raise exception.InvalidKeypair() -def generate_key_pair(bits=1024): - # what is the magic 65537? - +def generate_key_pair(bits=None): with utils.tempdir() as tmpdir: keyfile = os.path.join(tmpdir, 'temp') - utils.execute('ssh-keygen', '-q', '-b', bits, '-N', '', - '-t', 'rsa', '-f', keyfile, '-C', 'Generated by Nova') + args = ['ssh-keygen', '-q', '-N', '', '-t', 'rsa', + '-f', keyfile, '-C', 'Generated by Nova'] + if bits is not None: + args.extend(['-b', bits]) + utils.execute(*args) fingerprint = _generate_fingerprint('%s.pub' % (keyfile)) if not os.path.exists(keyfile): raise exception.FileNotFound(keyfile) |