Permalink
Browse files

Don't limit SSH keys generation to 1024 bits

Use the default bit length of the underlying ssh-keygen command
(currently 2048) if no bit length is supplied, rather than defaulting to
1024 bits.

bug 1103130

Change-Id: Iba9d378d5bf9e28663e52180ed04c31c16d08aad
Signed-off-by: Zane Bitter <zbitter@redhat.com>
  • Loading branch information...
1 parent 343ba7a commit aa3686a86f903c3b87ea73f1784117c36b2ed6fa @zaneb zaneb committed Jan 22, 2013
Showing with 6 additions and 5 deletions.
  1. +6 −5 nova/crypto.py
View
@@ -135,13 +135,14 @@ def generate_fingerprint(public_key):
raise exception.InvalidKeypair()
-def generate_key_pair(bits=1024):
- # what is the magic 65537?
-
+def generate_key_pair(bits=None):
with utils.tempdir() as tmpdir:
keyfile = os.path.join(tmpdir, 'temp')
- utils.execute('ssh-keygen', '-q', '-b', bits, '-N', '',
- '-t', 'rsa', '-f', keyfile, '-C', 'Generated by Nova')
+ args = ['ssh-keygen', '-q', '-N', '', '-t', 'rsa',
+ '-f', keyfile, '-C', 'Generated by Nova']
+ if bits is not None:
+ args.extend(['-b', bits])
+ utils.execute(*args)
fingerprint = _generate_fingerprint('%s.pub' % (keyfile))
if not os.path.exists(keyfile):
raise exception.FileNotFound(keyfile)

0 comments on commit aa3686a

Please sign in to comment.