search

ansible-collections / community.crypto

The community.crypto collection for Ansible.
https://galaxy.ansible.com/ui/repo/published/community/crypto/
Other
97 stars 86 forks source link

Add PEM format to the openssh_keypair module #724

Open Aalmain opened 5 months ago

Aalmain commented 5 months ago
SUMMARY

The ssh-keygen tool has the capability of creating ssh-keys in the PEM format. Although this is not a common format, there are instances where it is required

ISSUE TYPE

Add the "PEM" format to the lost of formats under "private_key_format" in the "community.crypto.openssh_keypair"

COMPONENT NAME

Module: community.crypto.openssh_keypair Parameter: private_key_format

ADDITIONAL INFORMATION

This would allow a more standard process to create ssh keys in the PEM format. There are applications that require this format.

An example is the Yugabyte Anywhere control plain communication to the Yugabyte Anywhere database nodes for universe deployments and updates.

- name: Generate an OpenSSH keypair for Yugabyte 
  community.crypto.openssh_keypair:
    path: /home/yugabyte/.ssh/id_ssh_pem
    prvate_key_format: pem
Ajpantuso commented 5 months ago

You probably want to use PKCS1 or PKCS8. The resulting private key will be PEM encoded.