Use RSA keys in FIPS mode tests

Elliptical curve algorithms are not yet supported on FIPS systems.
Use RSA keys for the acceptance tests.

Author: stanhu

cmd/gitlab-sshd/acceptance_test.go

@@ -4,6 +4,8 @@ import (
 	"bufio"
 	"context"
 	"crypto/ed25519"
+	"crypto/rand"
+	"crypto/rsa"
 	"encoding/json"
 	"encoding/pem"
 	"fmt"
@@ -218,7 +220,14 @@ func buildClient(t *testing.T, addr string, hostKey ed25519.PublicKey) *ssh.Clie
 	pubKey, err := ssh.NewPublicKey(hostKey)
 	require.NoError(t, err)
 
-	_, clientPrivKey, err := ed25519.GenerateKey(nil)
+	var clientPrivKey interface{}
+
+	if os.Getenv("FIPS_MODE") == "1" {
+		clientPrivKey, err = rsa.GenerateKey(rand.Reader, 2048)
+	} else {
+		_, clientPrivKey, err = ed25519.GenerateKey(nil)
+	}
+
 	require.NoError(t, err)
 
 	clientSigner, err := ssh.NewSignerFromKey(clientPrivKey)

support/lint_last_known_acceptable.txt

@@ -37,7 +37,7 @@ cmd/gitlab-shell/main.go:48:15: Error return value of `fmt.Fprintln` is not chec
 cmd/gitlab-shell/main.go:53:23: Error return value of `logCloser.Close` is not checked (errcheck)
 cmd/gitlab-shell/main.go:60:14: Error return value of `fmt.Fprintf` is not checked (errcheck)
 cmd/gitlab-shell/main.go:61:3: exitAfterDefer: os.Exit will exit, and `defer logCloser.Close()` will not run (gocritic)
-cmd/gitlab-sshd/acceptance_test.go:458:2: encoded-compare: use require.JSONEq (testifylint)
+cmd/gitlab-sshd/acceptance_test.go:467:2: encoded-compare: use require.JSONEq (testifylint)
 internal/command/authorizedkeys/authorized_keys.go:29:4: internal/command/authorizedkeys/authorized_keys.go:29: Line contains TODO/BUG/FIXME/NOTE/OPTIMIZE/HACK: "TODO: Log this event once we have a cons..." (godox)
 internal/command/command.go:1:1: package-comments: should have a package comment (revive)
 internal/command/command.go:15:6: exported: exported type Command should have comment or be unexported (revive)