On 25 August 2015 at 14:15, Gunnar Morling <gun...@hibernate.org> wrote: > Sanne, > > When running Ansible to update the CI slaves on OS X, I get the following > error: > > TASK: [jenkins-slave | Ensure cimaster is a known host] > *********************** > unknown key type ecdsa > fatal: [209.132.178.232] => lookup_plugin.pipe(ssh-keyscan -t ecdsa > 54.174.65.136) returned 255 > > Can we use another key type than "ecdsa"? Apparently the SSH coming > with OS X has no support for it (see [1]) and I'd prefer to use the > default version rather than having to install another one.
That line though is just a trick to fetch the existing keys so I guess that to change the key type we need to figure out when & how these are generated. I just checked and it seems like we actually generate (and use) RSA keys now; maybe that line is just broken on all platforms (not just on OSX)? When making changes I only run the related portions of the Ansible script, so that might have been broken since a while w/o anyone noticing. Davide extended this further with tags: see the readme to easily run only the tasks related to a specific task (although we should tag all tasks, not done yet). I'm actually quite unhappy with that whole trick to get the generated nodes exchange the keys; it doesn't seem like "the Ansible way" as it's quite procedural, but I couldn't figure a better way other than pre-generate them (and lots of other people have that problem on SO so I'd hope it will improve). Would you prefer us to pre-generate those keys manually and add them to the list of secret tokens which we need to share among maintainers? I was trying to keep the list of keys we all need and the preparation steps minimal, but agree this one might not be worth the complexity. FWIW, ECDSA is the future: get a better OS ;-) Thanks, Sanne > > Thanks, > > --Gunnar > > [1] http://apple.stackexchange.com/questions/77731/ecdsa-ssh-key-on-10-8-2 > _______________________________________________ > hibernate-dev mailing list > hibernate-dev@lists.jboss.org > https://lists.jboss.org/mailman/listinfo/hibernate-dev _______________________________________________ hibernate-dev mailing list hibernate-dev@lists.jboss.org https://lists.jboss.org/mailman/listinfo/hibernate-dev
