From bec76e1171fd5bb692716afded4a6bb770fc447b Mon Sep 17 00:00:00 2001 From: Michael Burke Date: Fri, 30 May 2025 08:57:40 -0400 Subject: [PATCH] OCPBUGS55735: OpenSSH key Setup --- modules/configuring-secret-for-wmco.adoc | 6 +++++- ...ng-the-vsphere-windows-vm-golden-image.adoc | 8 +++++++- snippets/wmco-key-ascii-encoding.adoc | 18 ++++++++++++++++++ 3 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 snippets/wmco-key-ascii-encoding.adoc diff --git a/modules/configuring-secret-for-wmco.adoc b/modules/configuring-secret-for-wmco.adoc index 8240081015..fd928da5f4 100644 --- a/modules/configuring-secret-for-wmco.adoc +++ b/modules/configuring-secret-for-wmco.adoc @@ -11,7 +11,11 @@ To run the Windows Machine Config Operator (WMCO), you must create a secret in t .Prerequisites * You installed the Windows Machine Config Operator (WMCO) using Operator Lifecycle Manager (OLM). -* You created a PEM-encoded file containing an RSA key. +* You created a PEM-encoded file containing a private key by using a strong algorithm, such as ECDSA. ++ +-- +include::snippets/wmco-key-ascii-encoding.adoc[] +-- .Procedure diff --git a/modules/creating-the-vsphere-windows-vm-golden-image.adoc b/modules/creating-the-vsphere-windows-vm-golden-image.adoc index 25f4412d80..57dbf8cb31 100644 --- a/modules/creating-the-vsphere-windows-vm-golden-image.adoc +++ b/modules/creating-the-vsphere-windows-vm-golden-image.adoc @@ -10,7 +10,13 @@ Create a vSphere Windows virtual machine (VM) golden image. .Prerequisites -* You have created a private/public key pair, which is used to configure key-based authentication in the OpenSSH server. The private key must also be configured in the Windows Machine Config Operator (WMCO) namespace. This is required to allow the WMCO to communicate with the Windows VM. See the "Configuring a secret for the Windows Machine Config Operator" section for more details. +* You have created a private/public key pair, which is used to configure key-based authentication in the OpenSSH server. The private key must be configured in the Windows Machine Config Operator (WMCO) namespace so that the WMCO can communicate with the Windows VM. ++ +-- +include::snippets/wmco-key-ascii-encoding.adoc[] +-- ++ +See the "Configuring a secret for the Windows Machine Config Operator" section for more details. [NOTE] ==== diff --git a/snippets/wmco-key-ascii-encoding.adoc b/snippets/wmco-key-ascii-encoding.adoc new file mode 100644 index 0000000000..0b55ba5e9f --- /dev/null +++ b/snippets/wmco-key-ascii-encoding.adoc @@ -0,0 +1,18 @@ +// Text snippet included in the following modules: +// +// * modules/configuring-secret-for-wmco.adoc +// * modules/creating-the-vsphere-windows-vm-golden-image.adoc + +:_mod-docs-content-type: SNIPPET + +If you created the key pair on a {op-system-base-full} system, before you can use the public key on a Windows system, make sure the public key is saved using ASCII encoding. For example, the following PowerShell command copies a public key, encoding it for the ASCII character set: + +[source,terminal] +---- +C:\> echo "ssh-rsa " | Out-File -Encoding ascii +---- + +where: + +``:: Specifies the SSH public key used to access the cluster. +``:: Specifies the path to the SSH public key.