I tried to upgrade one of my services from awa 0.0.3 to 0.1.0, and this resulted in a authentication failure issue. The update also involves git and mimic (and thus, tracking code changes is not very easy). What happened in the history:
awa 0.0.3, git 3.4.0: Keys.of_seed calls into Miage_crypto_pk.Rsa.generate ~bits:2048 to generate the key with the provided seed
awa 0.0.5, git 3.7.0: now Keys.of_string is used (in Git_mirage_ssh), which calls since 5afcb11120280e1e77619c1d140e01552715c387 into X509.Private_key.generate -- that uses bits:4096 by default.
Long story short -- if you have an old unikernel (< git 3.7.0, awa < 0.0.5) and attempt to update, you may need to re-create ssh keys. Sorry about that. Good news is that you can nowadays just use an ED25519 key provided directly, no RNG & seed required.
This issue is just for documentation purposes, I'll close it immediately.
I tried to upgrade one of my services from awa 0.0.3 to 0.1.0, and this resulted in a authentication failure issue. The update also involves git and mimic (and thus, tracking code changes is not very easy). What happened in the history:
Keys.of_seed
calls intoMiage_crypto_pk.Rsa.generate ~bits:2048
to generate the key with the provided seedKeys.of_string
is used (in Git_mirage_ssh), which calls since 5afcb11120280e1e77619c1d140e01552715c387 into X509.Private_key.generate -- that usesbits:4096
by default.Long story short -- if you have an old unikernel (< git 3.7.0, awa < 0.0.5) and attempt to update, you may need to re-create ssh keys. Sorry about that. Good news is that you can nowadays just use an ED25519 key provided directly, no RNG & seed required.
This issue is just for documentation purposes, I'll close it immediately.