tempest/playbooks
Ade Lee 6ded070b51 Add support for ecdsa keys
In FIPS mode, using RSA keys for ssh is fine as long as SHA-1 is
not used for the signature algorithm.  Unfortunately, the version
of cirros used in OpenStack CI does not have a version of dropbear
that supports SHA-2 signatures.  So, any connections from a FIPS
enabled machine will fail as the cirros instance will only support
ssh-rsa (SHA-1 signatures).

To get around this, we add a new option to specify the key type
(validation.ssh_key_type).  This will allow the addition of other
key types in future if needed.

Tempest now supports 'rsa' and 'ecdsa' key types.

We also add a fips job to the experimental queue to test the usage
of the new key type.

Change-Id: Ib59eb8432fa1a2813b3047955157d1b3d24a55f8
2022-01-18 15:25:38 +00:00
..
devstack-tempest-ipv6.yaml Use older run-tempest for stable branches 2021-07-14 10:38:16 -05:00
devstack-tempest.yaml Use older run-tempest for stable branches 2021-07-14 10:38:16 -05:00
enable-fips.yaml Add support for ecdsa keys 2022-01-18 15:25:38 +00:00
post-tempest.yaml Write tempest-multinode-full as zuulv3 native 2018-06-05 12:01:52 +01:00