action #160739
Updated by livdywan about 1 month ago
## Observation
In https://gitlab.suse.de/openqa/salt-pillars-openqa/-/merge_requests/815 and with the [following deployment job](https://gitlab.suse.de/openqa/salt-pillars-openqa/-/jobs/2641495), we had to realize that currently we're affected by https://github.com/saltstack/salt/issues/61299 :
```
ada.qe.prg2.suse.org:
----------
ID: ph03nix
Function: ssh_auth.present
Name: sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDF+5kEasMGxX9q6WERpGPOeQGB0j681GMMkRRWo/fg2AAAABHNzaDo= phoenix@racetrack-7290-nitrokey
Result: False
Comment: Invalid public ssh key, most likely has spaces or invalid syntax
Started: 14:36:03.312924
Duration: 1.374 ms
Changes:
----------
ID: ph03nix
Function: ssh_auth.present
Name: sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDeAIjDQ36FJux7JK3vygkWJ5K5/FHUuvPDxRsOnmEC5AAAABHNzaDo= phoenix@racetrack-7290-yk5
Result: False
Comment: Invalid public ssh key, most likely has spaces or invalid syntax
Started: 14:36:03.315261
Duration: 1.349 ms
Changes:
Summary for ada.qe.prg2.suse.org
--------------
Succeeded: 257
Failed: 2
--------------
Total states run: 259
Total run time: 11.519 s
ada.qe.prg2.suse.org:
Error: ssh_auth.present
```
We had to revert this for now: https://gitlab.suse.de/openqa/salt-pillars-openqa/-/merge_requests/816
## Acceptance criteria
* **AC1:** No more invalid key errors despite keys called like `sk-ssh-ed25519@openssh.com `
## Suggestions
* I think the best we can currently do is either provide an upstream fix or workaround it in our states. For a workaround I would try to simply append each value of `pub_ssh_key` per user (similar to how we do it with [other files](https://gitlab.suse.de/openqa/salt-states-openqa/-/blob/master/openqa/openvswitch.sls?ref_type=heads#L101-114)).
* Or provide the workaround and just propese an upstream fix - don't worry about packaging etc here
* Tell the team what this is and why you might want it