[ovirt-users] Proper way to change and persist vdsm configuration options

Trey Dockendorf treydock at gmail.com
Sat Aug 23 02:02:37 UTC 2014


For what it's worth I managed to get the ovirt-engine's public key
from engine.cer using Ruby and turn it into a Puppet fact.  Had to
borrow some code from https://github.com/bensie/sshkey

https://github.com/treydock/puppet-ovirt/blob/1.x/lib/facter/ovirt_engine_ssh_pubkey.rb

Thanks for all the help Alon, now have semi-automated deployment of
nodes :).  Once 3.5 is released and the Foreman integration is in
place, it will be much nicer.

Thanks,
- Trey

On Fri, Aug 22, 2014 at 5:30 AM, Alon Bar-Lev <alonbl at redhat.com> wrote:
>
> you are hijacking this thread... but anyway... please refer to the original question, how to easily convert X.509 certificate to SSH public key. the best method should avoid using the private key. newer ssh-keygen supports exactly that.
>
> ----- Original Message -----
>> From: "Sven Kieske" <S.Kieske at mittwald.de>
>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>> Cc: users at ovirt.org
>> Sent: Friday, August 22, 2014 1:24:17 PM
>> Subject: Re: [ovirt-users] Proper way to change and persist vdsm configuration options
>>
>> well yeah, it does not generate pkcs#8 by default
>> but you can easily convert existing keys via openssl:
>>
>> openssl pkcs8 -topk8 -v2 des3 \
>>     -in test_rsa_key.old -passin 'pass:super secret passphrase' \
>>     -out test_rsa_key -passout 'pass:super secret passphrase'
>> see this page for more details:
>> http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html
>>
>> newer ssh-keygen versions use PBKDF2 by default and not MD5 anymore.
>>
>> HTH
>>
>> Am 22.08.2014 10:51, schrieb Alon Bar-Lev:
>> > the ssh-keygen does not.
>>
>> --
>> Mit freundlichen Grüßen / Regards
>>
>> Sven Kieske
>>
>> Systemadministrator
>> Mittwald CM Service GmbH & Co. KG
>> Königsberger Straße 6
>> 32339 Espelkamp
>> T: +49-5772-293-100
>> F: +49-5772-293-333
>> https://www.mittwald.de
>> Geschäftsführer: Robert Meyer
>> St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
>> Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users



More information about the Users mailing list