From f5a05c34e546949325c4adcbc0e055a2a536e81f Mon Sep 17 00:00:00 2001
From: Zane Bitter <zbitter@redhat.com>
Date: Thu, 25 Sep 2025 19:00:31 -0400
Subject: [PATCH] Generate FIPS-compatible ssh keys

The default SSH key format in CentOS appears to have changed from RSA to ED25519, however this is not compatible with FIPS. Explicitly request an RSA key to avoid blocking FIPS installs.
---
 02_configure_host.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/02_configure_host.sh b/02_configure_host.sh
index cb3dfd57b..312c06790 100755
--- a/02_configure_host.sh
+++ b/02_configure_host.sh
@@ -35,7 +35,7 @@ esac
 
 # Generate user ssh key
 if [ ! -f $HOME/.ssh/id_rsa.pub ]; then
-    ssh-keygen -f ~/.ssh/id_rsa -P ""
+    ssh-keygen -f ~/.ssh/id_rsa -t rsa -P ""
 fi
 
 # root needs a private key to talk to libvirt