[one-users] Generated Keypairs/Fingerprints in econe-server?

Javier Fontan jfontan at opennebula.org
Fri Feb 21 05:54:33 PST 2014 

After several tests we've found a bug. The fingerprint generation is
incorrect. To fix it you have to change
/usr/lib/one/ruby/cloud/econe/keypair.rb line 91 [1] from:

erb_key_fingerprint = Digest::MD5.hexdigest(rsa_kp.to_der)

to

erb_key_fingerprint = Digest::MD5.hexdigest(rsa_kp.to_blob)

We will fix this in the repository for future releases. Thanks for the tip.

[1] https://github.com/OpenNebula/one/blob/one-4.4/src/cloud/ec2/lib/keypair.rb#L91

On Tue, Feb 18, 2014 at 3:59 AM, Campbell, Bill
<bcampbell at axcess-financial.com> wrote:
> I've been working on integrating some external components with the econe
> server, which requires a generated keypair to be created for a user that
> will be accessing the cluster. I'm having difficulty however with the
> keypairs/fingerprints that are generated:
>
>
> I do the following:
>
>
> econe-create-keypair -U <url of econe-server> -K <user> -S <hashed password>
> testkey
>
> which creates the keypair and provides a private key as output:
>
>
> -----BEGIN RSA PRIVATE KEY-----
>
> blahblahblahblahblah
>
> -----END RSA PRIVATE KEY-----
>
>
> with a fingerprint of: 83:87:b1:b5:e7:91:a9:49:10:a4:ad:3a:0c:8c:8b:7f
>
>
>
> However, I create a public key from this private key and the fingerprint
> does NOT match the above:
>
> oneadmin at opennebula:~/.ssh$ ssh-keygen -y -f testkey > testkey.pub
> oneadmin at opennebula:~/.ssh$ ssh-keygen -lf testkey.pub
>
>
> 2048 f0:c8:68:e0:47:bb:79:52:43:7e:f3:0b:a4:67:78:9a testkey.pub (RSA)
>
>
> This is what the third-party application (Jenkins) is telling me when I
> attempt to attach the private key (the fingerprints do not match)
>
>
> Am I doing something wrong? Should the fingerprint of the provided private
> key match the fingerprint listed on econe-create-keypair?
>
>
> ________________________________
>
> Bill Campbell
> Infrastructure Architect
>
>
> Axcess Financial Services, Inc.
> 7755 Montgomery Rd., Suite 400
> Cincinnati, OH  45236
>
>
>
> NOTICE: Protect the information in this message in accordance with the
> company's security policies. If you received this message in error,
> immediately notify the sender and destroy all copies.
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>



-- 
Javier Fontán Muiños
Developer
OpenNebula - The Open Source Toolkit for Data Center Virtualization
www.OpenNebula.org | @OpenNebula | github.com/jfontan

More information about the Users mailing list