Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable ed25519 support in CLI for Public Preview #27708

Closed
1 task done
kamusta-msft opened this issue Oct 27, 2023 · 8 comments · Fixed by #28143
Closed
1 task done

Enable ed25519 support in CLI for Public Preview #27708

kamusta-msft opened this issue Oct 27, 2023 · 8 comments · Fixed by #28143
Assignees
@zhoxing-ms @yanzhudd
Labels
Azure CLI Team The command of the issue is owned by Azure CLI team Compute az vm/vmss/image/disk/snapshot feature-request
Milestone
January 2024 (202...

Comments

@kamusta-msft
Copy link
Member

Preconditions

  • No need to upgrade Python SDK or the Python SDK is ready.

Related command

https://learn.microsoft.com/en-us/cli/azure/vm?view=azure-cli-latest#az-vm-create (--generate-ssh-keys).

Resource Provider

Microsoft.Compte

Description of Feature or Work Requested

We're modifying the generateSshKeyPair API and need to update the CLI to reflect those changes. The generateSshKeyPair now has a response body that takes in the "encryptionType" property. The allowed values of this property are either "RSA" or "Ed25519". Looking at our existing docs, this cli will need to get updated: https://learn.microsoft.com/en-us/cli/azure/vm?view=azure-cli-latest#az-vm-create (--generate-ssh-keys). One possible update would be to turn this from a true/false to a flag that requires a property. I've pasted the Swagger Spec below:

Minimum API Version Required

2023-09-01

Swagger PR link / SDK link

Azure/azure-rest-api-specs#26090

SDK will get generated by Swagger team after all changes are merged

Request Example

https://github.com/Azure/azure-rest-api-specs/blob/16f37d09a00385dd4143cbc2a07b0e860e1e018e/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2023-09-01/examples/sshPublicKeyExamples/SshPublicKey_GenerateKeyPair_EncryptionWithRSA.json

Sending "encryptionType" in the request body for the generateKey API

Target Date

2023-12-30

PM Contact

@Srijangupta

Engineer Contact

@Kamusta

Additional context

No response
@yonzhan
Copy link
Collaborator

yonzhan commented Oct 27, 2023

Thank you for opening this issue, we will look into it.

@kamusta-msft
Copy link
Member Author

@srijang to confirm the target date

@yonzhan yonzhan added the Compute az vm/vmss/image/disk/snapshot label Oct 27, 2023
@yonzhan yonzhan added the Azure CLI Team The command of the issue is owned by Azure CLI team label Oct 27, 2023
@yonzhan yonzhan added this to the Backlog milestone Oct 27, 2023
@yanzhudd
Copy link
Contributor

Hi @kamusta-msft let me confirm with you if this feature request is actually the same feature as #27449

@yanzhudd
Copy link
Contributor

Hi @kamusta-msft,
CLI is developed base on Azure SDK, but it seems that there isn't api-version 2023-09-01 in the latest version of compute module.
Please refer to the doc of How to Request a Feature in SDK to release a new version of SDK with api-version 2023-09-01 firstly, only after that can we develop this new feature. Thanks.

@kamusta-msft
Copy link
Member Author

@yanzhudd Confirmed, same as #27449

The API specs for 2023-09-01 are currently in the process of getting merged into master by the Swagger team. Once merged, they'll generate the SDK. We created this feature request so that it can be considered for feature/sprint planning

@yanzhudd
Copy link
Contributor

@yanzhudd Confirmed, same as #27449

The API specs for 2023-09-01 are currently in the process of getting merged into master by the Swagger team. Once merged, they'll generate the SDK. We created this feature request so that it can be considered for feature/sprint planning

@kamusta-msft, okay, we'll develop this feature once the SDK is released.

@yanzhudd yanzhudd mentioned this issue Nov 17, 2023
Closed
1 task
@yanzhudd
Copy link
Contributor

yanzhudd commented Jan 2, 2024

Hi @kamusta-msft,

could you please help confirm these questions:

  1. In fact, CLI command az vm create --generate-ssh-keys would not call the generateSshKeyPair API, instead using paramiko package to generate keys. It is the command az sshkey create which call the generateSshKeyPair API. Thus, does the following change meets your expectation?
    a. CLI modifies the command az sshkey create -n keyName to support Ed25519 generation
    b. CLI would not change the parameters of az vm create
    Users can use az sshkey create -n keyName --encryption-type Ed25519 to generate Ed25519 key, and then use az vm create --ssh-key-name keyName to create vm with generated Ed25519 key.

  2. When we call generateSshKeyPair API with Ed25519 SSH Key, service side reported an error as:
    image
    Could you please help register our subId '0b1f6471-1bf0-4dda-aec3-cb9272f09590', or is there any way we can register by ourselves?

Thanks!

@kamusta-msft
Copy link
Member Author

kamusta-msft commented Jan 2, 2024
edited
Loading

az vm create --generate-ssh-keys would not call the generateSshKeyPair API, instead using paramiko package to generate keys

which encryption format are the keys in? If it's only RSA, then we may need to update the documentation.

The other points you mentioned seem fine to me. @srijang to give the final confirmation

Could you please help register our subId '0b1f6471-1bf0-4dda-aec3-cb9272f09590', or is there any way we can register by ourselves?

Your sub should be registered now.

@yanzhudd yanzhudd mentioned this issue Jan 8, 2024
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zhoxing-ms zhoxing-ms

@yanzhudd yanzhudd

Labels
Azure CLI Team The command of the issue is owned by Azure CLI team Compute az vm/vmss/image/disk/snapshot feature-request
Projects
None yet
Milestone
January 2024 (2024-02-06)
4 participants
@zhoxing-ms @yonzhan @kamusta-msft @yanzhudd