CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

more ed25519 to ecdsa

Browse Source
This commit is contained in:
Josh Patterson
2025-08-07 15:02:45 -04:00
parent 82894d88b6
commit c5db0a7195
5 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/libvirt/ssh/files/config
View File

@@ -1,2 +1,2 @@
Match user soqemussh Match user soqemussh
IdentityFile /etc/ssh/auth_keys/soqemussh/id_ed25519 IdentityFile /etc/ssh/auth_keys/soqemussh/id_ecdsa

2
salt/libvirt/ssh/users.sls
View File

@@ -46,7 +46,7 @@ create_soqemussh_user:
soqemussh_pub_key: soqemussh_pub_key:
ssh_auth.present: ssh_auth.present:
- user: soqemussh - user: soqemussh
- source: salt://libvirt/ssh/keys/id_ed25519.pub - source: salt://libvirt/ssh/keys/id_ecdsa.pub
{% endif %} {% endif %}

6
salt/manager/hypervisor.sls
View File

@@ -16,9 +16,9 @@
# Check if hypervisor environment has been set up # Check if hypervisor environment has been set up
{% set ssh_user_exists = salt['user.info']('soqemussh') %} {% set ssh_user_exists = salt['user.info']('soqemussh') %}
{% set ssh_keys_exist = salt['file.file_exists']('/etc/ssh/auth_keys/soqemussh/id_ed25519') and {% set ssh_keys_exist = salt['file.file_exists']('/etc/ssh/auth_keys/soqemussh/id_ecdsa') and
salt['file.file_exists']('/etc/ssh/auth_keys/soqemussh/id_ed25519.pub') and salt['file.file_exists']('/etc/ssh/auth_keys/soqemussh/id_ecdsa.pub') and
salt['file.file_exists']('/opt/so/saltstack/local/salt/libvirt/ssh/keys/id_ed25519.pub') %} salt['file.file_exists']('/opt/so/saltstack/local/salt/libvirt/ssh/keys/id_ecdsa.pub') %}
{% set base_image_exists = salt['file.file_exists']('/nsm/libvirt/boot/OL9U5_x86_64-kvm-b253.qcow2') %} {% set base_image_exists = salt['file.file_exists']('/nsm/libvirt/boot/OL9U5_x86_64-kvm-b253.qcow2') %}
{% set vm_files_exist = salt['file.directory_exists']('/opt/so/saltstack/local/salt/libvirt/images/sool9') and {% set vm_files_exist = salt['file.directory_exists']('/opt/so/saltstack/local/salt/libvirt/images/sool9') and
salt['file.file_exists']('/opt/so/saltstack/local/salt/libvirt/images/sool9/sool9.qcow2') and salt['file.file_exists']('/opt/so/saltstack/local/salt/libvirt/images/sool9/sool9.qcow2') and

2
salt/salt/cloud/cloud.profiles.d/socloud.conf.jinja
View File

@@ -11,7 +11,7 @@ sool9_{{host}}:
base_domain: sool9 base_domain: sool9
ip_source: qemu-agent ip_source: qemu-agent
ssh_username: soqemussh ssh_username: soqemussh
private_key: /etc/ssh/auth_keys/soqemussh/id_ed25519 private_key: /etc/ssh/auth_keys/soqemussh/id_ecdsa
sudo: True sudo: True
deploy_command: sh /tmp/.saltcloud-*/deploy.sh deploy_command: sh /tmp/.saltcloud-*/deploy.sh
script_args: -r -F -x python3 stable 3006.9 script_args: -r -F -x python3 stable 3006.9

2
setup/so-setup
View File

@@ -755,7 +755,7 @@ if ! [[ -f $install_opt_file ]]; then
logCmd "salt-key -ya $MINION_ID" logCmd "salt-key -ya $MINION_ID"
logCmd "salt-call saltutil.sync_all" logCmd "salt-call saltutil.sync_all"
# we need to sync the runner and generate the soqemussh user keys so that first highstate after license created # we need to sync the runner and generate the soqemussh user keys so that first highstate after license created
# doesnt have a state failure for soqemussh_pub_key source for id_ed25519.pub missing # doesnt have a state failure for soqemussh_pub_key source for id_ecdsa.pub missing
if [[ $is_manager || $is_managerhype ]]; then if [[ $is_manager || $is_managerhype ]]; then
logCmd "salt-run saltutil.sync_all" logCmd "salt-run saltutil.sync_all"
logCmd "salt-run setup_hypervisor.regenerate_ssh_keys" logCmd "salt-run setup_hypervisor.regenerate_ssh_keys"