Skip to content

Skip tests where ssh-keygen cannot create a fingerprint for DSA/DSS keys. #68

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
vcsjones merged 1 commit into from
Dec 13, 2024
Merged

Skip tests where ssh-keygen cannot create a fingerprint for DSA/DSS keys. #68

vcsjones merged 1 commit into from
Dec 13, 2024

Conversation

@vcsjones
Copy link
Member

@vcsjones vcsjones commented Dec 13, 2024

Newer versions of OpenSSH no longer support the legacy algorithm DSA/DSS. When ssh-keygen is used to get the fingerprint for a DSA key, those OpenSSH versions will fail. When ssh-keygen is unable to generate a fingerprint, we will skip the test.

Long term we should probably deprecate and remove DSA/DSS in the same steps as OpenSSH, but this gets our tests back to green as a first step.

@vcsjones
Skip tests where ssh-keygen cannot create a fingerprint for DSA/DSS k…
4664b8b 
…eys.

Newer versions of OpenSSH no longer support the legacy algorithm DSA/DSS. When ssh-keygen is used to get the fingerprint for a DSA key, those OpenSSH versions will fail. When ssh-keygen is unable to generate a fingerprint, we will skip the test.
Copilot AI review requested due to automatic review settings December 13, 2024 16:40
@vcsjones vcsjones requested review from a team as code owners December 13, 2024 16:40
Copilot AI reviewed Dec 13, 2024
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

Comments suppressed due to low confidence (3)

spec/spec_helper.rb:27

  • Returning nil without logging a warning or error message when ssh-keygen output is empty can make it difficult to diagnose issues during test failures.
return nil if out.strip.empty?

spec/public_key_spec.rb:22

  • [nitpick] Skipping tests when fingerprints are not available may hide potential issues. Consider logging a warning or error instead.
skip "Fingerprint not available" if md5_fpr.nil?

spec/public_key_spec.rb:27

  • [nitpick] Skipping tests when fingerprints are not available may hide potential issues. Consider logging a warning or error instead.
skip "Fingerprint not available" if sha256_fpr.nil?

Tip: Turn on automatic Copilot reviews for this repository to get quick feedback on every pull request. Learn more

fletchto99
fletchto99 reviewed Dec 13, 2024
View reviewed changes
@vcsjones vcsjones merged commit a322517 into master Dec 13, 2024
13 checks passed
@vcsjones vcsjones deleted the skip-dsa-if-not-available branch December 13, 2024 17:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@fletchto99 fletchto99 fletchto99 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vcsjones @fletchto99