diff --git a/rear-rescue-ed25519-hostkey-support-RHEL-83479.patch b/rear-rescue-ed25519-hostkey-support-RHEL-83479.patch new file mode 100644 index 0000000..5a0d3fb --- /dev/null +++ b/rear-rescue-ed25519-hostkey-support-RHEL-83479.patch @@ -0,0 +1,27 @@ +From ed10cb3c612c49a6442e679052b755c52248ab3d Mon Sep 17 00:00:00 2001 +From: "D'Haese, Gratien [GTSBE - Non JJ]" +Date: Fri, 28 Feb 2025 17:05:21 +0100 +Subject: [PATCH] On EL9 sshd will not start anymore #3413 + +--- + usr/share/rear/skel/default/etc/scripts/run-sshd | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/usr/share/rear/skel/default/etc/scripts/run-sshd b/usr/share/rear/skel/default/etc/scripts/run-sshd +index 23b8233eed..3a422fe7cd 100755 +--- a/usr/share/rear/skel/default/etc/scripts/run-sshd ++++ b/usr/share/rear/skel/default/etc/scripts/run-sshd +@@ -13,6 +13,12 @@ if grep -q '^ssh:' /etc/inittab ; then + ssh-keygen -q -t rsa -N '' -f /etc/ssh/ssh_host_rsa_key + echo -e "\nSSH fingerprint: $( ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub )\n" >> /etc/issue + fi ++ if ! test -s /etc/ssh/ssh_host_ed25519_key ; then ++ # Generate the ed25519 SSH host key required on EL9 ++ ssh-keygen -q -t ed25519 -N '' -f /etc/ssh/ssh_host_ed25519_key ++ echo -e "\nSSH fingerprint: $( ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub )\n" >> /etc/issue ++ fi ++ mkdir -p /usr/share/empty.sshd # required on EL9 + mkdir -p /run/sshd + # Avoid "Could not load host key: /etc/ssh/ssh_host_..._key" messages + # that look confusing on the recovery system login screen + diff --git a/rear.spec b/rear.spec index 8716172..ce4d60d 100644 --- a/rear.spec +++ b/rear.spec @@ -99,6 +99,10 @@ Patch122: rear-skip-longhorn-iscsi-RHEL-83551.patch # https://github.com/rear/rear/commit/1ca518c2a0e675ace956ef71bc79d67e4990562b Patch123: rear-detect-prep-boot-on-gpt-RHEL-82098.patch +# support generation of ed25519 SSH host keys in the rescue image +# https://github.com/rear/rear/commit/62d9a744ff710de34035ce15bd1b1bf810b6934a +Patch125: rear-rescue-ed25519-hostkey-support-RHEL-83479.patch + ###################### # downstream patches # ######################