Uploaded image for project: 'Facter'
  1. Facter
  2. FACT-1377

$ecdsakey fact does not represent specific key type


    • Type: New Feature
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: FACT 3.11.0, FACT 3.12.0
    • Component/s: None
    • Labels:
    • Environment:

      Probaly all

    • Template:
    • Team:
      Platform OS
    • Release Notes:
      New Feature
    • Release Notes Summary:
      Key type will now be included as part of the facts for each SSH key.


      This ticket already exists in the old ticket system (https://projects.puppetlabs.com/issues/18253). Therefor i will just copy the description:

      There are 5 types of SSH keys: rsa, dsa, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, and ecdsa-sha2-nistp521

      So puppet already accounts for the three different ecdsa keytypes, but puts them into one fact $ecdsakey

      So when doing something like this:

      @@sshkey { “${::fqdn}_ecdsa”:
                  host_aliases => $host_aliases,
                  type => ecdsa-sha2-nistp256,
                  key => $::sshecdsakey,

      It puts the wrong keytype in known_hosts if the key is 384 or 512 bits.

      Suggest adding a fact for $ecdsatype or similar when the key is detected.

      (RSA and DSA keys can be various sizes and they will always be RSA and DSA… but if you change the size of the ecdsa key size it changes they keytype. Don’t ask me why.)

      The ticket was originally open by Michael Henry, who i can't find within the JIRA user directory.




            • Assignee:
              branan Branan Riley
              baurmatt Matthias Baur
            • Votes:
              1 Vote for this issue
              4 Start watching this issue


              • Created:

                Zendesk Support