Enable ed25519 support in CLI for Public Preview

Azure / azure-cli

Azure Command-Line Interface

MIT License

4.03k stars 3.01k forks source link

Enable ed25519 support in CLI for Public Preview #27689

Open srijang opened 1 year ago

srijang commented 1 year ago

Related command

Is your feature request related to a problem? Please describe.

Describe the solution you'd like

Describe alternatives you've considered

Additional context

yonzhan commented 1 year ago

Thank you for opening this issue, we will look into it.

yonzhan commented 1 year ago

Please provide more detailed info such as CLI command and swagger spec link.

kamusta-msft commented 1 year ago

hey @yonzhan, we need assistance with a new feature we're rolling out. We're modifying the generateSshKeyPair API and need to update the CLI to reflect those changes. The generateSshKeyPair now has a response body that takes in the "encryptionType" property. The allowed values of this property are either "RSA" or "Ed25519". Looking at our existing docs, this cli will need to get updated: https://learn.microsoft.com/en-us/cli/azure/vm?view=azure-cli-latest#az-vm-create (--generate-ssh-keys). One possible update would be to turn this from a true/false to a flag that requires a property. I've pasted the Swagger Spec below:

https://github.com/Azure/azure-rest-api-specs/pull/26090

zhoxing-ms commented 1 year ago

@kamusta-msft @srijang Could you please use this template [Microsoft Internal / Service Team] Feature Request to create this feature request? It contains more necessary information for us to develop, such as whether the Python SDK is ready and the ETA. Then we will evaluate the effort and priority of it to plan its development and release.

AkechiShiro commented 1 year ago

Damn, finally this feature is getting worked on, wow, RSA was getting a bit old, I'm happy it's moving forward.

dkrish24 commented 1 month ago

The Azure CLI is supporting this but Key Vault is only supporting RSA or ECC. When is it expected to be released across both?

az-vm-create

AkechiShiro commented 1 month ago

I'll also add that the Azure STA does not support ed25519 as of now. Despite, support having landed for VM ssh authentication

yanzhudd commented 1 month ago

Azure CLI has already supported Ed25519 when creating a VM. You can run "az vm create" command with "--generate-ssh-keys --ssh-key-type Ed25519" parameters to generate Ed25519 SSH key when creating a VM

dkrish24 commented 1 month ago

Yes that is true but one cannot store the key pair in the Key Vault