git-resource
git-resource copied to clipboard
ed25519 private keys report 'invalid format'
I'm trying to access a GitLab instance using an ed25519 keypair. The resource config is as follows:
resources:
- name: source-code
type: git
source:
uri: git@my-gitlab-server:test/test.git
branch: master
private_key: |
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtz
c2gtZWQyNTUxOQAAACBW07R2sSrocj/6pT3d0+dp9Y6Bj6NfHJUjmEypXFniSgAA
AIMA/wD/AP8A/wAAAAtzc2gtZWQyNTUxOQAAACBW07R2sSrocj/6pT3d0+dp9Y6B
j6NfHJUjmEypXFniSgAAAECH7LxFlFkKVw9rRN0vImKc/lE8wqlI2lfpyKPI3unR
9lbTtHaxKuhyP/qlPd3T52n1joGPo18clSOYTKlcWeJKAAAAAA==
-----END OPENSSH PRIVATE KEY-----
(this private key is no longer valid ofc)
When using this config, builds stall at the first stage and running check-resource results in the following:
$ fly -t my-team check-resource -r test/source-code
error: check failed with exit status '1':
Error loading key "/tmp/git-resource-private-key": invalid format
If I use an RSA2048 key-pair instead, it works fine.
Still doesn't work in v7.3.2.
At least with programs like ssh-add
(not sure about this) - ed25519
keys require a blank newline at the end of the file. Not sure how best to represent that in YAML.
# invalid:
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtz
c2gtZWQyNTUxOQAAACBW07R2sSrocj/6pT3d0+dp9Y6Bj6NfHJUjmEypXFniSgAA
AIMA/wD/AP8A/wAAAAtzc2gtZWQyNTUxOQAAACBW07R2sSrocj/6pT3d0+dp9Y6B
j6NfHJUjmEypXFniSgAAAECH7LxFlFkKVw9rRN0vImKc/lE8wqlI2lfpyKPI3unR
9lbTtHaxKuhyP/qlPd3T52n1joGPo18clSOYTKlcWeJKAAAAAA==
-----END OPENSSH PRIVATE KEY-----
but
# valid:
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtz
c2gtZWQyNTUxOQAAACBW07R2sSrocj/6pT3d0+dp9Y6Bj6NfHJUjmEypXFniSgAA
AIMA/wD/AP8A/wAAAAtzc2gtZWQyNTUxOQAAACBW07R2sSrocj/6pT3d0+dp9Y6B
j6NfHJUjmEypXFniSgAAAECH7LxFlFkKVw9rRN0vImKc/lE8wqlI2lfpyKPI3unR
9lbTtHaxKuhyP/qlPd3T52n1joGPo18clSOYTKlcWeJKAAAAAA==
-----END OPENSSH PRIVATE KEY-----
when i changed the last CRLF to LF, it works well.
I was just trying to access a blank VPS from the Chromebook SSH app and landed here. Adding the trailing newline onto the private key fixed the error here as well. It's a very interesting (and arbitrary) failure case :) thanks for the fix