From 02ba6df42134f6d64748e67f7ef3f4be7b310f7c Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 23 Jul 2020 14:41:59 -0400 Subject: [PATCH] Do not try to sign unsupported key --- confluent_osdeploy/el7/profiles/default/scripts/pre.sh | 2 +- confluent_osdeploy/rhvh4/profiles/default/scripts/pre.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/confluent_osdeploy/el7/profiles/default/scripts/pre.sh b/confluent_osdeploy/el7/profiles/default/scripts/pre.sh index de2f852d..10d22677 100644 --- a/confluent_osdeploy/el7/profiles/default/scripts/pre.sh +++ b/confluent_osdeploy/el7/profiles/default/scripts/pre.sh @@ -35,7 +35,7 @@ else echo "bootloader --iscrypted --password=$grubpw" > /tmp/grubpw fi ssh-keygen -A -for pubkey in /etc/ssh/ssh_host*key.pub; do +for pubkey in /etc/ssh/ssh_host_*_key.pub; do certfile=${pubkey/.pub/-cert.pub} curl -f -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" -d @$pubkey https://$mgr/confluent-api/self/sshcert > $certfile echo HostCertificate $certfile >> /etc/ssh/sshd_config.anaconda diff --git a/confluent_osdeploy/rhvh4/profiles/default/scripts/pre.sh b/confluent_osdeploy/rhvh4/profiles/default/scripts/pre.sh index 71b9f9bf..e959b759 100644 --- a/confluent_osdeploy/rhvh4/profiles/default/scripts/pre.sh +++ b/confluent_osdeploy/rhvh4/profiles/default/scripts/pre.sh @@ -35,7 +35,7 @@ else echo "bootloader --iscrypted --password=$grubpw" > /tmp/grubpw fi ssh-keygen -A -for pubkey in /etc/ssh/ssh_host*key.pub; do +for pubkey in /etc/ssh/ssh_host_*_key.pub; do certfile=${pubkey/.pub/-cert.pub} curl -f -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" -d @$pubkey https://$mgr/confluent-api/self/sshcert > $certfile echo HostCertificate $certfile >> /etc/ssh/sshd_config.anaconda