6ded070b51
In FIPS mode, using RSA keys for ssh is fine as long as SHA-1 is not used for the signature algorithm. Unfortunately, the version of cirros used in OpenStack CI does not have a version of dropbear that supports SHA-2 signatures. So, any connections from a FIPS enabled machine will fail as the cirros instance will only support ssh-rsa (SHA-1 signatures). To get around this, we add a new option to specify the key type (validation.ssh_key_type). This will allow the addition of other key types in future if needed. Tempest now supports 'rsa' and 'ecdsa' key types. We also add a fips job to the experimental queue to test the usage of the new key type. Change-Id: Ib59eb8432fa1a2813b3047955157d1b3d24a55f8
25 lines
841 B
Plaintext
25 lines
841 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
pbr!=2.1.0,>=2.0.0 # Apache-2.0
|
|
cliff!=2.9.0,>=2.8.0 # Apache-2.0
|
|
jsonschema>=3.2.0 # MIT
|
|
testtools>=2.2.0 # MIT
|
|
paramiko>=2.7.0 # LGPLv2.1+
|
|
cryptography>=2.1 # BSD/Apache-2.0
|
|
netaddr>=0.7.18 # BSD
|
|
oslo.concurrency>=3.26.0 # Apache-2.0
|
|
oslo.config>=5.2.0 # Apache-2.0
|
|
oslo.log>=3.36.0 # Apache-2.0
|
|
stestr>=1.0.0 # Apache-2.0
|
|
oslo.serialization!=2.19.1,>=2.18.0 # Apache-2.0
|
|
oslo.utils>=4.7.0 # Apache-2.0
|
|
fixtures>=3.0.0 # Apache-2.0/BSD
|
|
PyYAML>=3.12 # MIT
|
|
python-subunit>=1.0.0 # Apache-2.0/BSD
|
|
stevedore>=1.20.0 # Apache-2.0
|
|
PrettyTable>=0.7.1 # BSD
|
|
urllib3>=1.21.1 # MIT
|
|
debtcollector>=1.2.0 # Apache-2.0
|
|
unittest2>=1.1.0 # BSD
|