Jira (BOLT-1221) `bolt command run` seems to fail when using SSH CA Certificates

2 views
Skip to first unread message

Shaun (JIRA)

unread,
Mar 29, 2019, 5:57:05 PM3/29/19
to puppe...@googlegroups.com
Shaun created an issue
 
Puppet Task Runner / Bug BOLT-1221
`bolt command run` seems to fail when using SSH CA Certificates
Issue Type: Bug Bug
Affects Versions: BOLT 1.14.0
Assignee: Unassigned
Components: bolt, SSH
Created: 2019/03/29 2:56 PM
Environment:

OS X Mojave (10.11.4) to RHEL 7.6.

 
Priority: Normal Normal
Reporter: Shaun

I am attempting to use bolt run date --node <hostname> and am receiving the following error, which I believe is related to my host ssh ca certificates:

➜  ~ bolt command run date --nodes <hostname>                    
Started on <hostname>...
 
Failed on <hostname>:
 
  Failed to connect to <hostname>: host key algorithm mismatch for signature 'ssh-ed25519' != 'ssh-ed2551...@openssh.com'
 
Failed on 1 node: <hostname>
 
Ran on 1 node in 0.21 seconds

I have experimented with various forms of  --no-host-key-check and trying to use an RSA public key rather than ed25519.

The hosts public key is signed using a public key which I trust, and this is configured as the sole line in my ~/.ssh/known_hosts:

@cert-authority * ssh-ed25519 <caPublicKey> <ca-comment>

As currently configured, I am able to ssh to this host normally and without a password.
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Atlassian logo

Yasmin Rajabi (JIRA)

unread,
Aug 15, 2019, 7:38:03 PM8/15/19
to puppe...@googlegroups.com
Yasmin Rajabi updated an issue
Change By: Yasmin Rajabi
Labels: ghm
Reply all
Reply to author
Forward
0 new messages