After several tests we've found a bug. The fingerprint generation is incorrect. To fix it you have to change /usr/lib/one/ruby/cloud/econe/keypair.rb line 91 [1] from:
erb_key_fingerprint = Digest::MD5.hexdigest(rsa_kp.to_der) to erb_key_fingerprint = Digest::MD5.hexdigest(rsa_kp.to_blob) We will fix this in the repository for future releases. Thanks for the tip. [1] https://github.com/OpenNebula/one/blob/one-4.4/src/cloud/ec2/lib/keypair.rb#L91 On Tue, Feb 18, 2014 at 3:59 AM, Campbell, Bill <bcampb...@axcess-financial.com> wrote: > I've been working on integrating some external components with the econe > server, which requires a generated keypair to be created for a user that > will be accessing the cluster. I'm having difficulty however with the > keypairs/fingerprints that are generated: > > > I do the following: > > > econe-create-keypair -U <url of econe-server> -K <user> -S <hashed password> > testkey > > which creates the keypair and provides a private key as output: > > > -----BEGIN RSA PRIVATE KEY----- > > blahblahblahblahblah > > -----END RSA PRIVATE KEY----- > > > with a fingerprint of: 83:87:b1:b5:e7:91:a9:49:10:a4:ad:3a:0c:8c:8b:7f > > > > However, I create a public key from this private key and the fingerprint > does NOT match the above: > > oneadmin@opennebula:~/.ssh$ ssh-keygen -y -f testkey > testkey.pub > oneadmin@opennebula:~/.ssh$ ssh-keygen -lf testkey.pub > > > 2048 f0:c8:68:e0:47:bb:79:52:43:7e:f3:0b:a4:67:78:9a testkey.pub (RSA) > > > This is what the third-party application (Jenkins) is telling me when I > attempt to attach the private key (the fingerprints do not match) > > > Am I doing something wrong? Should the fingerprint of the provided private > key match the fingerprint listed on econe-create-keypair? > > > ________________________________ > > Bill Campbell > Infrastructure Architect > > > Axcess Financial Services, Inc. > 7755 Montgomery Rd., Suite 400 > Cincinnati, OH 45236 > > > > NOTICE: Protect the information in this message in accordance with the > company's security policies. If you received this message in error, > immediately notify the sender and destroy all copies. > > > _______________________________________________ > Users mailing list > Users@lists.opennebula.org > http://lists.opennebula.org/listinfo.cgi/users-opennebula.org > -- Javier Fontán Muiños Developer OpenNebula - The Open Source Toolkit for Data Center Virtualization www.OpenNebula.org | @OpenNebula | github.com/jfontan _______________________________________________ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org