Merge pull request #33336 from kalexand-rh/BZ1962418

kalexand-rh · web-flow · commit 31e5417ff5b6 · 2021-06-14T08:09:38.000-04:00
BZ1962418: adding note about ssh key algorithms for FIPS
diff --git a/modules/ssh-agent-using.adoc b/modules/ssh-agent-using.adoc
@@ -172,6 +172,11 @@ $ ssh-keygen -t ed25519 -N '' \
 +
 Running this command generates an SSH key that does not require a password in
 the location that you specified.
++
+[NOTE]
+====
+If you plan to install an {product-title} cluster that uses FIPS Validated / Modules in Process cryptographic libraries on the `x86_64` architecture, do not create a key that uses the `ed25519` algorithm. Instead, create a key that uses the `rsa` or `ecdsa` algorithm.
+====
 
 . Start the `ssh-agent` process as a background task:
 +

Original file line number	Diff line number	Diff line change
`@@ -172,6 +172,11 @@ $ ssh-keygen -t ed25519 -N '' \`
`172`	`172`	`+`
`173`	`173`	`Running this command generates an SSH key that does not require a password in`
`174`	`174`	`the location that you specified.`
	`175`	`++`
	`176`	`+[NOTE]`
	`177`	`+====`
	`178`	+If you plan to install an {product-title} cluster that uses FIPS Validated / Modules in Process cryptographic libraries on the `x86_64` architecture, do not create a key that uses the `ed25519` algorithm. Instead, create a key that uses the `rsa` or `ecdsa` algorithm.
	`179`	`+====`
`175`	`180`
`176`	`181`	. Start the `ssh-agent` process as a background task:
`177`	`182`	`+`