starred/the-bastion
1
0
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2026-05-09 08:25:27 +02:00
Code Issues 46 Projects Packages Wiki Activity

[GH-ISSUE #135] Change key of a group #29

New issue
Closed
opened 2026-05-07 00:17:46 +02:00 by BreizhHardware · 5 comments
BreizhHardware commented 2026-05-07 00:17:46 +02:00
Owner
Copy link

Originally created by @dwydler on GitHub (Jan 30, 2021).
Original GitHub issue: https://github.com/ovh/the-bastion/issues/135

Hi Guys,
we used different groups for our environment. Mostly it uses ED25519-256. For reasons of compatibility, I would like to switch individual groups from ED25519 to RSA. Delete and re-create the affected groups is no options. Because with that we must also add all servers again.

Can someone describe how i can replace an ED25519 with a RSA key?

/Daniel

Originally created by @dwydler on GitHub (Jan 30, 2021). Original GitHub issue: https://github.com/ovh/the-bastion/issues/135 Hi Guys, we used different groups for our environment. Mostly it uses ED25519-256. For reasons of compatibility, I would like to switch individual groups from ED25519 to RSA. Delete and re-create the affected groups is no options. Because with that we must also add all servers again. Can someone describe how i can replace an ED25519 with a RSA key? /Daniel
BreizhHardware 2026-05-07 00:17:46 +02:00
  • closed this issue
  • added the
    feature
         label
BreizhHardware commented 2026-05-07 00:17:48 +02:00
Author
Owner
Copy link

@speed47 commented on GitHub (Feb 1, 2021):

Hello Daniel,

Everything is ready, in the code, to handle group key change, and also groups with multiple keys (you could want to have an Ed25519 for security and an RSA for compatibility, the bastion would try both). We're just missing the groupGenerateEgressKey and groupDelEgressKey commands.

If you're in a hurry, I can give you a command to type on the bastion (as root) to do it manually. If you're okay waiting for a few days, I can probably get those 2 commands implemented this week.

<!-- gh-comment-id:771005730 --> @speed47 commented on GitHub (Feb 1, 2021): Hello Daniel, Everything is ready, in the code, to handle group key change, and also groups with multiple keys (you could want to have an Ed25519 for security and an RSA for compatibility, the bastion would try both). We're just missing the `groupGenerateEgressKey` and `groupDelEgressKey` commands. If you're in a hurry, I can give you a command to type on the bastion (as root) to do it manually. If you're okay waiting for a few days, I can probably get those 2 commands implemented this week.
BreizhHardware commented 2026-05-07 00:17:48 +02:00
Author
Owner
Copy link

@dwydler commented on GitHub (Feb 1, 2021):

Hello @speed47,
i call it telepathy. Both features are welcome. No, we are not in a hurry. We can wait a few more weeks.
If we can test something, let ne know.

<!-- gh-comment-id:771139215 --> @dwydler commented on GitHub (Feb 1, 2021): Hello @speed47, i call it telepathy. Both features are welcome. No, we are not in a hurry. We can wait a few more weeks. If we can test something, let ne know.
BreizhHardware commented 2026-05-07 00:17:49 +02:00
Author
Owner
Copy link

@speed47 commented on GitHub (Feb 17, 2021):

You can upgrade to the latest master branch if you want to try the feature, as the PR has just been merged.

You'll find two new commands: groupGenerateEgressKey and groupDelEgressKey. If those work as you expect and you find no issues, I'll go on and tag a new release!

<!-- gh-comment-id:780417037 --> @speed47 commented on GitHub (Feb 17, 2021): You can upgrade to the latest master branch if you want to try the feature, as the PR has just been merged. You'll find two new commands: `groupGenerateEgressKey` and `groupDelEgressKey`. If those work as you expect and you find no issues, I'll go on and tag a new release!
BreizhHardware commented 2026-05-07 00:17:50 +02:00
Author
Owner
Copy link

@speed47 commented on GitHub (Feb 23, 2021):

This has been added to v3.03.00, closing this ticket as a result. Please reopen if you have a chance to test, should anything not behave as expected.

<!-- gh-comment-id:784244568 --> @speed47 commented on GitHub (Feb 23, 2021): This has been added to `v3.03.00`, closing this ticket as a result. Please reopen if you have a chance to test, should anything not behave as expected.
BreizhHardware commented 2026-05-07 00:17:50 +02:00
Author
Owner
Copy link

@dwydler commented on GitHub (Mar 6, 2021):

Hello @speed47.
sorry for my late answer. I installed the new version of it and it work's as it should.
Many thanks for the implementation!

<!-- gh-comment-id:791974339 --> @dwydler commented on GitHub (Mar 6, 2021): Hello @speed47. sorry for my late answer. I installed the new version of it and it work's as it should. Many thanks for the implementation!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
expifix
groupcreate_fix_uid
fix_group_gid_fast
gh-pages
clush
expiration
jsonvalidator
v3.23.01
v3.23.00
v3.22.00
v3.21.00
v3.20.00
v3.19.01
v3.19.00
v3.18.99-rc1
v3.18.00
v3.17.01
v3.17.00
v3.16.99-rc3
v3.16.99-rc2
v3.16.99-rc1
v3.16.01
v3.16.00
v3.15.00
v3.14.16
v3.14.15
v3.14.00
v3.13.01
v3.13.00
v3.12.00
v3.11.02
v3.11.01
v3.11.00
v3.10.00
v3.09.02
v3.09.00-really
v3.09.00
v3.09.00-rc3
v3.09.00-rc2
v3.09.00-rc1
v3.08.01
v3.08.00
v3.07.00
v3.06.00
v3.05.01
v3.05.00
v3.04.00
v3.03.99-rc2
v3.03.99-rc1
v3.03.01
v3.03.00
v3.02.00
v3.01.99-rc4
v3.01.99-rc3
v3.01.99-rc2
v3.01.99-rc1
v3.01.03
v3.01.02
v3.01.01
v3.01.00
v3.00.02
v3.00.01
v3.00.00
Labels
Clear labels   
answered

   
bug

   
documentation

   
enhancement

   
enhancement

   
feature

   
feature

   
kept-open-for-info

   
pull-request
Mirrored from GitHub Pull Request

  
question
No labels
answered
bug
documentation
enhancement
enhancement
feature
feature
kept-open-for-info
pull-request
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/the-bastion#29
No description provided.