Skip to content

Commit

Permalink
server: use ed25519 instead of rsa when generate public/private keys (a…
Browse files Browse the repository at this point in the history 
…pache#8549)

RSA has been considered as insecure and 'ssh-rsa' signature algorithm has been deprecated in OpenSSH.
  • Loading branch information
@weizhouapache
weizhouapache committed Feb 23, 2024
1 parent 2746225 commit 707dd7e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion server/src/main/java/com/cloud/server/ConfigurationServerImpl.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -619,7 +619,7 @@ public void updateKeyPairs() {
// FIXME: take a global database lock here for safety.
boolean onWindows = isOnWindows();
if(!onWindows) {
Script.runSimpleBashScript("if [ -f " + privkeyfile + " ]; then rm -f " + privkeyfile + "; fi; ssh-keygen -t rsa -m PEM -N '' -f " + privkeyfile + " -q 2>/dev/null || ssh-keygen -t rsa -N '' -f " + privkeyfile + " -q");
Script.runSimpleBashScript("if [ -f " + privkeyfile + " ]; then rm -f " + privkeyfile + "; fi; ssh-keygen -t ed25519 -m PEM -N '' -f " + privkeyfile + " -q 2>/dev/null || ssh-keygen -t ed25519 -N '' -f " + privkeyfile + " -q");
}

final String privateKey;
Expand Down

0 comments on commit 707dd7e

Please sign in to comment.