do not generate dsa

cloud-init.spec

@@ -1,6 +1,6 @@
 Name: cloud-init
 Version: 21.4
-Release: 22
+Release: 23
 Summary: the defacto multi-distribution package that handles early initialization of a cloud instance.
 License: ASL 2.0 or GPLv3
 URL: http://launchpad.net/cloud-init
@@ -46,6 +46,7 @@ Patch6015: backport-cc_disk_setup-pass-options-in-correct-order-to-utils.patch
 Patch6016: backport-util-add-Version-class.patch
 
 Patch9000: Fix-the-error-level-logs-displayed-for-the-cloud-init-local-service.patch
+Patch9001: do-not-generate-dsa.patch
 
 Patch6017: backport-cc_ubuntu_advantage-Redact-token-from-logs-1726.patch
 Patch6018: backport-Do-not-silently-ignore-integer-uid-1280.patch
@@ -180,6 +181,12 @@ fi
 %exclude /usr/share/doc/*
 
 %changelog
+* Tue Nov 07 2023 shixuantong <shixuantong1@huawei.com> - 21.4-23
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:do not generate dsa
+
 * Tue Nov 07 2023 shixuantong <shixuantong1@huawei.com> - 21.4-22
 - Type:bugfix
 - CVE:NA

do-not-generate-dsa.patch

@@ -0,0 +1,26 @@
+From 314952210a5900aced4f2578a5f663eb21a16e77 Mon Sep 17 00:00:00 2001
+From: shixuantong <shixuantong1@huawei.com>
+Date: Mon, 6 Nov 2023 16:42:16 +0800
+Subject: [PATCH] do not generate dsa
+
+---
+ config/cloud.cfg.tmpl | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
+index 4df91f1..5f0fe00 100644
+--- a/config/cloud.cfg.tmpl
++++ b/config/cloud.cfg.tmpl
+@@ -66,6 +66,9 @@ network:
+   config: disabled
+ {% endif %}
+ 
++# do not generate dsa
++ssh_genkeytypes:  ['rsa', 'ecdsa', 'ed25519']
++
+ # The modules that run in the 'init' stage
+ cloud_init_modules:
+  - migrator
+-- 
+2.33.0
+