
Commit 0d0fa5e

Dmytro Shevchenkoyadvr
authored andcommitted
CLOUDSTACK-10213: Allow specify SSH key lengh (#2389)
SSH keys generated by the ACS are only 1024 bit (RSA). The common standard is now at least 2048 bit.
1 parent 981286f commit 0d0fa5e


2 files changed

+6
-4
lines changed


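--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -696,6 +696,8 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
 
 static final ConfigKey<Integer> vmPasswordLength = new ConfigKey<Integer>("Advanced", Integer.class, "vm.password.length", "6",
 "Specifies the length of a randomly generated password", false);
+static final ConfigKey<Integer> sshKeyLength = new ConfigKey<Integer>("Advanced", Integer.class, "ssh.key.length",
+"2048", "Specifies custom SSH key length (bit)", true, ConfigKey.Scope.Global);
 @Inject
 public AccountManager _accountMgr;
 @Inject
@@ -3051,7 +3053,7 @@ public String getConfigComponentName() {
 
 @Override
 public ConfigKey<?>[] getConfigKeys() {
-return new ConfigKey<?>[] {vmPasswordLength};
+return new ConfigKey<?>[] {vmPasswordLength, sshKeyLength};
 }
 
 protected class EventPurgeTask extends ManagedContextRunnable {
@@ -3583,7 +3585,7 @@ public SSHKeyPair createSSHKeyPair(final CreateSSHKeyPairCmd cmd) {
 throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists.");
 }
 
-final SSHKeysHelper keys = new SSHKeysHelper();
+final SSHKeysHelper keys = new SSHKeysHelper(sshKeyLength.value());
 
 final String name = cmd.getName();
 final String publicKey = keys.getPublicKey();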
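Review bot: `sshKeyLength.value()` reaches key generation in createSSHKeyPair with no lower bound, and the new `ssh.key.length` key is declared dynamic with global scope, so a runtime change to a value below the 2048 default would make the server issue weak RSA keys again without any error. I would read the value once and refuse small sizes before constructing the helper, e.g. `final int keyLength = sshKeyLength.value();` followed by `if (keyLength < 2048) { throw new InvalidParameterValueException("ssh.key.length must be at least 2048 bits"); }`; the exception type is only a suggestion taken from the line above, a configuration-error type may fit better. The setting's description string should also state the accepted minimum so operators see it in the UI. The body of createSSHKeyPair starts and continues outside this hunk, so any later validation is not visible here.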

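--- a/utils/src/main/java/com/cloud/utils/ssh/SSHKeysHelper.java
+++ b/utils/src/main/java/com/cloud/utils/ssh/SSHKeysHelper.java
@@ -43,9 +43,9 @@ private static String toHexString(byte[] b) {
 return sb.toString();
 }
 
-public SSHKeysHelper() {
+public SSHKeysHelper(Integer keyLength) {
 try {
-keyPair = KeyPair.genKeyPair(new JSch(), KeyPair.RSA);
+keyPair = KeyPair.genKeyPair(new JSch(), KeyPair.RSA, keyLength);
 } catch (JSchException e) {
 e.printStackTrace();
 }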
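Review bot: A key length that JSch rejects now leaves this helper without a key pair, because the `catch (JSchException e)` after the new `genKeyPair(new JSch(), KeyPair.RSA, keyLength)` call only prints the stack trace and the constructor returns normally. With the size coming from an operator-editable setting that path is much easier to hit than before, and the caller goes straight on to `keys.getPublicKey()`; how the getters behave with an unset `keyPair` is not visible here, but they presumably fail later or return nothing useful. I would fail at construction instead, `throw new IllegalStateException("Failed to generate RSA key pair of " + keyLength + " bits", e);`, and take a primitive `int keyLength` so a null `Integer` cannot cause an unboxing NullPointerException. The constructor's closing brace lies outside the hunk.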
