diff --git a/rhodecode/apps/admin/views/users.py b/rhodecode/apps/admin/views/users.py --- a/rhodecode/apps/admin/views/users.py +++ b/rhodecode/apps/admin/views/users.py @@ -872,7 +872,10 @@ class UsersView(UserAppView): c.active = 'ssh_keys_generate' comment = 'RhodeCode-SSH {}'.format(c.user.email or '') - c.private, c.public = SshKeyModel().generate_keypair(comment=comment) + private_format = self.request.GET.get('private_format') \ + or SshKeyModel.DEFAULT_PRIVATE_KEY_FORMAT + c.private, c.public = SshKeyModel().generate_keypair( + comment=comment, private_format=private_format) return self._get_template_context(c) diff --git a/rhodecode/apps/my_account/views/my_account_ssh_keys.py b/rhodecode/apps/my_account/views/my_account_ssh_keys.py --- a/rhodecode/apps/my_account/views/my_account_ssh_keys.py +++ b/rhodecode/apps/my_account/views/my_account_ssh_keys.py @@ -72,8 +72,11 @@ class MyAccountSshKeysView(BaseAppView, c.active = 'ssh_keys_generate' if c.ssh_key_generator_enabled: + private_format = self.request.GET.get('private_format') \ + or SshKeyModel.DEFAULT_PRIVATE_KEY_FORMAT comment = 'RhodeCode-SSH {}'.format(c.user.email or '') - c.private, c.public = SshKeyModel().generate_keypair(comment=comment) + c.private, c.public = SshKeyModel().generate_keypair( + comment=comment, private_format=private_format) c.target_form_url = h.route_path( 'my_account_ssh_keys', _query=dict(default_key=c.public)) return self._get_template_context(c) diff --git a/rhodecode/model/ssh_key.py b/rhodecode/model/ssh_key.py --- a/rhodecode/model/ssh_key.py +++ b/rhodecode/model/ssh_key.py @@ -38,6 +38,7 @@ log = logging.getLogger(__name__) class SshKeyModel(BaseModel): cls = UserSshKeys + DEFAULT_PRIVATE_KEY_FORMAT = 'pkcs8' def parse_key(self, key_data): """ @@ -66,16 +67,23 @@ class SshKeyModel(BaseModel): log.error("Key Parse error: %s", err) raise - def generate_keypair(self, comment=None): + def generate_keypair(self, comment=None, private_format=DEFAULT_PRIVATE_KEY_FORMAT): key = rsa.generate_private_key( backend=crypto_default_backend(), public_exponent=65537, key_size=2048 ) + if private_format == self.DEFAULT_PRIVATE_KEY_FORMAT: + private_format = crypto_serialization.PrivateFormat.PKCS8 + else: + # legacy format that can be used by older systems, use if pkcs8 have + # problems + private_format = crypto_serialization.PrivateFormat.TraditionalOpenSSL + private_key = key.private_bytes( crypto_serialization.Encoding.PEM, - crypto_serialization.PrivateFormat.PKCS8, + private_format, crypto_serialization.NoEncryption()) public_key = key.public_key().public_bytes( crypto_serialization.Encoding.OpenSSH, diff --git a/rhodecode/templates/admin/users/user_edit_ssh_keys_generate.mako b/rhodecode/templates/admin/users/user_edit_ssh_keys_generate.mako --- a/rhodecode/templates/admin/users/user_edit_ssh_keys_generate.mako +++ b/rhodecode/templates/admin/users/user_edit_ssh_keys_generate.mako @@ -10,7 +10,7 @@
%if c.ssh_enabled and c.ssh_key_generator_enabled:

- ${_('Below is a 2048 bit generated SSH RSA key.')}
+ ${_('Below is a 2048 bit generated SSH RSA key.')}
${_('If you use older systems please try to generate a')} ${_('legacy format')} ssh key.
${_('If You wish to use it to access RhodeCode via the SSH please save the private key and click `Use this generated key` at the bottom.')}

${_('Private key')}