with old FreeIPA (4.9.13 on Rocky Linux 8), I could refresh SSHFP entries directly from a client with a python call:
```python from ipaclient.install.client import update_ssh_keys from ipaplatform.paths import paths update_ssh_keys(api.env.host, paths.SSH_CONFIG_DIR, True) ``` ref: https://www.reddit.com/r/FreeIPA/comments/rlg6tw/create_sshfp_records_for_already_installed_ipa/ But with new FreeIPA (4.12.2 on Rocky Linux 9), the same call fail: ```bash # /bin/kinit -k && /bin/ipa console /etc/ipa/update_ssh_keys.py Traceback (most recent call last): File "/usr/lib/python3.9/site-packages/ipalib/cli.py", line 1026, in run exec(compiled, globals(), local) File "/etc/ipa/update_ssh_keys.py", line 5, in <module> update_ssh_keys(api.env.host, paths.SSH_CONFIG_DIR, True) TypeError: update_ssh_keys() missing 1 required positional argument: 'server' ``` The function `update_ssh_keys()` was changed in this commit: https://pagure.io/freeipa/c/3de127433c5552c1f9f82c6bb73f2a32caa03e9b?branch=master ```diff @@ -1672,7 +1737,7 @@ def check_ip_addresses(options): return True -def update_ssh_keys(hostname, ssh_dir, create_sshfp): +def update_ssh_keys(hostname, ssh_dir, options, server): if not os.path.isdir(ssh_dir): return ``` I tried to fiddle to make it work with new FreeIPA, without success... Any help to refresh SSHFP keys in the new version would be appreciated. Thanks -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
