Docker Github Load Key Invalid format - docker

When using COPY to copy the private key into the Docker image, my image is able to connect to the github repo
COPY id_ed25519 /root/.ssh/id_ed25519
However, when I use the following, it's now a wrong format.
RUN echo "${SSH_KEY}" > /root/.ssh/id_ed25519
I'm using Visual Code for development. I've tried various ways of saving the key to the .env file:
copy paste with mouse
copy paste with keyboard
leaving the end of the file SSH_KEY=" and running cat id_ed25519 > .env then adding a "
Sample .env
...
SOME_OTHER_VARL="http://localhost:3000"
# Github
SSH_KEY="-----BEGIN OPENSSH PRIVATE KEY-----
`xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
`xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
`xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
`xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END OPENSSH PRIVATE KEY-----
"
Obviously something is happening to the format when I try to save the contents of the private key to the .env file. Anyone have any ideas?
Eventually this private key will end up in Azure Pipelines as a secret, so I'll need a way to preserve the format there as well...
Thanks!
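One way to carry a multi-line key through a single-line variable is to base64-encode it and decode it where the file is written. This is an added example, not part of the original post; the variable name SSH_KEY_B64, the function names and the filler key body are assumptions made for illustration.

```shell
# Added example. SSH_KEY_B64 and the function names are hypothetical;
# the key body below is constructed filler, not a usable key.

encode_key() {   # $1 = key file -> one line of base64 on stdout
    base64 < "$1" | tr -d '\n'
}

write_key() {    # $1 = base64 string, $2 = destination path
    # Create the file with owner-only permissions before any bytes land in it.
    ( umask 077; printf '%s' "$1" | base64 -d > "$2" ) || return 1
    chmod 600 "$2"
    # The decoded file must start with a BEGIN marker and end with a newline.
    head -n 1 "$2" | grep -q '^-----BEGIN .*PRIVATE KEY-----$' || return 2
    [ -z "$(tail -c 1 "$2")" ] || return 3
}

roundtrip_demo() {   # returns 0 when the restored file matches the original byte for byte
    d=$(mktemp -d)
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'xxxxxxxx' 'xxxxxxxx' \
        '-----END OPENSSH PRIVATE KEY-----' > "$d/id_ed25519"
    SSH_KEY_B64=$(encode_key "$d/id_ed25519")
    # A single line, so it fits a .env entry such as SSH_KEY_B64=<value>.
    [ "$(printf '%s\n' "$SSH_KEY_B64" | wc -l)" -eq 1 ] || return 1
    write_key "$SSH_KEY_B64" "$d/restored" || return 1
    [ "$(od -An -c "$d/id_ed25519")" = "$(od -An -c "$d/restored")" ]
}

roundtrip_demo && echo "round trip preserved the key bytes"
```

In the Dockerfile the `RUN echo` line then becomes `RUN printf '%s' "${SSH_KEY_B64}" | base64 -d > /root/.ssh/id_ed25519`. The decoded key stays in that image layer, just as it does with `COPY`.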

Related

Gitlab runner documentation about docker executor is ambiguous, how do you add a private ssh key?

The gitlab documentation has the following description for the variable $SSH_PRIVATE_KEY:
Create a new file type CI/CD variable. As Key enter the name
SSH_PRIVATE_KEY and in the Value field paste the content of your
private key that you created earlier.
Which according to my understanding means that I am supposed to paste the contents of my
~/.ssh/id_ed25519 file there.
In their gitlab-ci.yaml, they say
- chmod 400 "$SSH_PRIVATE_KEY"
- ssh-add "$SSH_PRIVATE_KEY"
But if $SSH_PRIVATE_KEY is the contents of a generated private key (starting with -----BEGIN OPENSSH PRIVATE KEY----- etc.), this obviously fails. What exactly am I supposed to place in the $SSH_PRIVATE_KEY variable if not my private key?

Jenkins plugin ssh-agent showing "ERROR: Failed to run ssh-add"

I am getting the error "ERROR: Failed to run ssh-add".
I am trying to ssh into a remote machine, so:
SSH credentials are set
Pipeline script is calling ssh-agent
On executing the job I get the error below.
I have tried this reported bug https://issues.jenkins-ci.org/browse/JENKINS-50181 but it is not working, and the bug has already been resolved in the latest version 1.17, which I have now.
Can anyone suggest how to fix this issue?
This is just a wild guess since this could have different reasons.
But I just had this error, and my problem was that when I created the credential in Jenkins I forgot to add a linebreak at the end of the input.
...
...<all the usual content>...
...
-----END OPENSSH PRIVATE KEY-----<linebreak needed here>
I got this error when I put the SSH public key into the Jenkins credential instead of properly putting the private key.
Note that the private key is the long one that looks like this:
-----BEGIN RSA PRIVATE KEY-----
... lots of unreadable random characters for many lines ...
-----END RSA PRIVATE KEY-----
I got this error when I didn't put the private key's passphrase into Jenkins.
I thought the key didn't have a passphrase because I wasn't having to enter it when using the key manually. It turns out my local keyring was automatically taking care of this.
I ran into this problem after copying the credentials.xml file from an old installation to a new one. The key appears to be stored in a hashed format in the credentials.xml file and maybe the hash is unique based on the version of Jenkins. I just had to find the private key on my system and then paste it in the UI along with the additional line break as suggested by @peedee.
I had the same issue when I tried to use OpenSSH key format in Jenkins credentials - remote session always fails with ERROR: Failed to run ssh-add.
The solution was to provide a PEM key generated with -m PEM flag. So the private key format should be: "-----BEGIN RSA PRIVATE KEY-----" instead of "-----BEGIN OPENSSH PRIVATE KEY-----" etc.

Not able to add SSH Key in Jenkins Configuration

I have installed the 'Publish Over SSH' plugin in Jenkins and would like to transfer a few files to the SSH Server after each build.
I have generated the private key using puttygen with passphrase and have given the OpenSSH Public Key in 'authorization_keys' in SSH Server.
Using the generated private key and passphrase, I'm able to log in to the SSH Server through PuTTY.
But in Jenkins I'm not able to add the SSH Key. Getting the below Error.
jenkins.plugins.publish_over.BapPublisherException: Failed to add SSH key. Message [The cipher 'aes256-cbc' is required, but it is not available.
Most of the tools (including Jenkins) support keys in OpenSSH format (generated using ssh-keygen), not in the PuTTY format (generated using PuTTYgen). Generate a new key using ssh-keygen or convert the PPK to OpenSSH format.
I wrote the following information in the SO Documentation.
Convert PPK (PuTTY key) to OpenSSH format
You might receive a private key in PPK format from your peer, which does not seem to work in OpenSSH (command-line ssh). The client will be asking for the passphrase because of an OpenSSH bug.
$ ssh -i mykey.ppk example.com
Enter passphrase for mykey.ppk:
You need to convert the key to OpenSSH format using PuTTYgen (command-line version):
puttygen mykey.ppk -o mykey.key -O private-openssh
Or in GUI version:
Open PuttyGen
Click Load
Load your private key
Go to Conversions->Export OpenSSH and export your private key
Copy your private key to ~/.ssh/id_rsa
Source: SO answer, Unix SE answer
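The causes reported in the ssh-add answers above (missing final line break, public key pasted instead of the private key, passphrase-protected key) and the PPK case in this answer can all be checked on the key file before it goes into a credential store. The following is an added example, not code from any of the posts; the function name and the sample files are constructed for illustration.

```shell
# Added example. check_key_file is a hypothetical helper; sample bodies are constructed filler.
check_key_file() {   # $1 = candidate private-key file; prints findings, returns 1 on any problem
    kf=$1; rc=0; cr=$(printf '\r')
    first=$(head -n 1 "$kf" | tr -d '\r')
    case $first in
        *"-----END "*)
            echo "problem: key flattened onto one line"; rc=1 ;;
        "-----BEGIN OPENSSH PRIVATE KEY-----")
            echo "format: openssh" ;;
        "-----BEGIN RSA PRIVATE KEY-----")
            echo "format: pem-rsa" ;;
        PuTTY-User-Key-File-*)
            echo "problem: PuTTY PPK file"; rc=1 ;;
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*)
            echo "problem: public key, not private key"; rc=1 ;;
        *)
            echo "problem: first line is not a BEGIN marker"; rc=1 ;;
    esac
    if grep -q "$cr" "$kf"; then
        echo "problem: CRLF line endings"; rc=1
    fi
    # Command substitution strips a trailing newline, so non-empty means it is missing.
    if [ -n "$(tail -c 1 "$kf")" ]; then
        echo "problem: no newline after last line"; rc=1
    fi
    if grep -q '^Proc-Type: 4,ENCRYPTED' "$kf"; then
        echo "note: PEM key is passphrase-protected"
    fi
    return $rc
}

# Constructed samples, one per case.
demo_dir=$(mktemp -d)
B='-----BEGIN OPENSSH PRIVATE KEY-----'; E='-----END OPENSSH PRIVATE KEY-----'
printf '%s\n' "$B" 'xxxx' "$E"            > "$demo_dir/good"
printf '%s\n%s\n%s' "$B" 'xxxx' "$E"      > "$demo_dir/no_newline"
printf '%s\r\n' "$B" 'xxxx' "$E"          > "$demo_dir/crlf"
printf '%s\n' 'ssh-rsa AAAAxxxx user@example.com' > "$demo_dir/public"
printf '%s\n' 'PuTTY-User-Key-File-2: ssh-rsa' 'Encryption: aes256-cbc' > "$demo_dir/ppk"
printf '%s\n' "\"$B xxxx $E\""            > "$demo_dir/flattened"
for s in good no_newline crlf public ppk flattened; do
    echo "== $s"; check_key_file "$demo_dir/$s" || true
done
```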

AWS EC2 Public Key

I am a first time AWS user, and have been following this tutorial
to set up with Ubuntu. I've generated my keys, saved to my computer, and now I'm at a screen that looks like this:
and the next step is "put in your key"... I have been searching for hours on the internet, and I can not figure out where to find my key. Am I just pasting in the ssh file I have already saved on my folder, or is there a unique string within that file that I am needing to grab? If so - how do I find that? If not, what am I looking for here? Any help would be appreciated!! Sorry if this is a very elementary question. Thanks!!
Hopefully @error2007s helped but just in case -- you would need to put in your public key that is usually stored in a file called id_rsa.pub in your .ssh folder in your home directory. It starts with ssh-rsa, has a long list of letters and numbers and then ends with the email address you used when creating the key. You can list out the contents of that file by typing this in your terminal:
cat ~/.ssh/id_rsa.pub
That is what you need to add to the file on your server when you typed ~/.ssh/authorized_keys. Let me know if you have any other questions!
To answer your question directly: in your blank nano editor for authorized_keys, you must put the content of id_rsa.pub located under /home/deploy/.ssh/id_rsa.pub. You can simply cat /home/deploy/.ssh/id_rsa.pub, copy the entire content and paste it into authorized_keys.
General steps to generate keys are below:
1) ls -ltr /home/deploy/.ssh - you would see files like id_rsa, id_rsa.pub and authorized_keys. If you don't have authorized_keys, then do cp id_rsa.pub authorized_keys; it will copy the id_rsa.pub content to authorized_keys. Please be sure that the .ssh folder has 700 permission and the files inside it have 600: chmod 700 ~/.ssh and chmod 600 ~/.ssh/*.
2) Create a key file on your local computer (e.g. nano mydeploykey.pem) and make sure you copy the entire content of id_rsa and paste it into mydeploykey.pem. Please ensure the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- lines are present. Note that there are five (5) dashes ----- and make sure you have those in your keys. If you missed copying one dash, it will not work.
Alternatively, you can use winscp or filezilla to copy id_rsa to your local computer and rename it as mydeploykey.pem. This key (mydeploykey.pem) should have 600 permission as well; if it's too open, it will complain.
If you are using a terminal to log in, please use the following command:
ssh -i /path/to/mydeploykey.pem ubuntu@awspublicipaddress
Let me know if this does not work.

SCP didn't work in Jenkins

When I use the following code in the terminal, it works well.
#!/usr/bin/expect -f
spawn scp /Users/Shared/Jenkins/workspace/testslave/XXXXXX aaa@10.XXX.XXX.XX:/tmp/XXXX
expect "*assword:"
send "password\r"
interact
But when I copy the content into Jenkins, Jenkins doesn't copy the file to the destination, and there is no error.
A cleaner approach is to generate a public/private key with no pass-phrase and to use it as an authentication method.
The steps are:
Generate the key by executing ssh-keygen
Copy the public key (usually id_rsa.pub) to the .ssh folder of the user in the destination host. In your case it seems to be /Users/Shared/Jenkins/.ssh
Execute: scp -i id_rsa /Users/Shared/Jenkins/workspace/testslave/XXXXXX aaa@10.XXX.XXX.XX:/tmp/XXXX
