cheffish
encrypted ssh keys are overwritten if a pass_phrase is not defined
If you attempt to use an existing encrypted ssh_key but do not provide a pass_phrase, the key formatter can't read the key, and the read error is 'rescued' by returning nil.
The private_key class then receives a nil key, treats it as "no key yet", generates a new one and overwrites the existing key.
The issue can be replicated by:
1. Create encrypted ssh keys.
2. Add those keys to your AWS account.
3. Run chef-metal with a block like:

    fog_key_pair 'foo' do
      private_key_path "#{ec2keydir}/foo"
      public_key_path "#{ec2keydir}/foo.pub"
    end
Chef will error out with mismatched fingerprints and the original ssh key will be overwritten.
This is rather bad.
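The failure mode above, reconstructed as an added example that is not cheffish or chef-metal code: a loader that rescues every read error to nil, a resource that treats nil as "generate a key", and beside them a hardened loader that distinguishes "file missing" from "encrypted and no pass_phrase" or "wrong pass_phrase" and refuses to overwrite in the latter cases. All function and class names (buggy_read_key, safe_read_key, KeyOverwriteRefused, and so on), the temp-file scenario and the passphrase values are constructed for this example and are not the project's own.

```ruby
require 'openssl'
require 'tmpdir'

# Outcome of reading a private key file. Only :missing may legitimately lead to
# generating a fresh key; every other status must stop the run.
KeyLoad = Struct.new(:status, :key)

class KeyOverwriteRefused < StandardError; end

# Traditional PEM ("Proc-Type: 4,ENCRYPTED") and PKCS#8
# ("BEGIN ENCRYPTED PRIVATE KEY") both carry ENCRYPTED in their header.
def encrypted_pem?(pem)
  pem.include?('ENCRYPTED')
end

def fingerprint(key)
  OpenSSL::Digest::SHA256.hexdigest(key.public_key.to_der)
end

# The block form hands the passphrase to OpenSSL only when the PEM needs one;
# returning nil from it makes the decrypt fail instead of prompting on a terminal.
def parse_key(pem, pass_phrase)
  OpenSSL::PKey::RSA.new(pem) { pass_phrase }
end

# --- Behaviour described in the report (hypothetical reconstruction) ---------

# Any read failure, including "encrypted but no pass_phrase given", is rescued
# to nil, which is indistinguishable from "no key file exists".
def buggy_read_key(path, pass_phrase = nil)
  parse_key(File.read(path), pass_phrase)
rescue StandardError
  nil
end

# nil is taken to mean "nothing there yet", so a new key is written over
# whatever the file held.
def buggy_ensure_key(path, pass_phrase = nil)
  return :kept if buggy_read_key(path, pass_phrase)
  File.write(path, OpenSSL::PKey::RSA.new(2048).export)
  :generated
end

# --- Hardened form -----------------------------------------------------------

def safe_read_key(path, pass_phrase = nil)
  return KeyLoad.new(:missing, nil) unless File.exist?(path)
  pem = File.read(path)
  return KeyLoad.new(:needs_passphrase, nil) if encrypted_pem?(pem) && pass_phrase.nil?
  KeyLoad.new(:loaded, parse_key(pem, pass_phrase))
rescue OpenSSL::OpenSSLError
  KeyLoad.new(:bad_passphrase, nil)
end

# Generates only when the file is genuinely absent; an unreadable existing key
# raises so the run stops before anything on disk is touched.
def safe_ensure_key(path, pass_phrase = nil)
  result = safe_read_key(path, pass_phrase)
  case result.status
  when :loaded then :kept
  when :missing
    File.write(path, OpenSSL::PKey::RSA.new(2048).export, perm: 0600)
    :generated
  else
    raise KeyOverwriteRefused, "#{path}: #{result.status}, refusing to overwrite an existing key"
  end
end

# Constructed scenario: an encrypted key on disk (as in the report), then a run
# without pass_phrase through each code path. Returns what happened to the key.
def demo_overwrite
  Dir.mktmpdir do |dir|
    path = File.join(dir, 'foo')
    original = OpenSSL::PKey::RSA.new(2048)
    File.write(path, original.export(OpenSSL::Cipher.new('aes-256-cbc'), 'correct horse'))
    before = fingerprint(original)

    refused = begin
      safe_ensure_key(path)
      false
    rescue KeyOverwriteRefused
      true
    end
    intact_after_safe = fingerprint(parse_key(File.read(path), 'correct horse')) == before

    action = buggy_ensure_key(path)
    intact_after_buggy = fingerprint(parse_key(File.read(path), 'correct horse')) == before

    { safe_refused: refused, safe_key_intact: intact_after_safe,
      buggy_action: action, buggy_key_intact: intact_after_buggy }
  end
end

if __FILE__ == $PROGRAM_NAME
  demo_overwrite.each { |name, value| puts "#{name}: #{value}" }
end
```

The point of the hardened loader is that "could not read" and "nothing to read" are different answers: only a genuinely missing file justifies generating a key, and a resource that cannot tell the two apart will eventually destroy a key it was asked to reuse.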