ssh-agent icon indicating copy to clipboard operation
ssh-agent copied to clipboard
verified publisher icon webfactory

When using multiple keys, only the first one is detected

Open Pierre-FrancoisHau opened this issue 1 year ago • 7 comments

Hello, here is what my YAML file looks like:

myTitle:
    timeout-minutes: 60
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - uses: webfactory/[email protected]
      with:
        ssh-private-key: |
          ${{ secrets.SSH_KEY_ONE }}
          ${{ secrets.SSH_Key_TWO }}

I've tried it with just the first key and just the second key, and they both work. However, when I use two keys at the same time, only one seems to be detected. Is there something I’m missing?

Pierre-FrancoisHau avatar Oct 21 '24 14:10 Pierre-FrancoisHau

We're having the same issue. Seems like the comments are not saved in deploy keys (anymore?) and so ssh-agent isn't recognizing them

malyavi-nochum avatar Nov 05 '24 21:11 malyavi-nochum

As a temporary workaround if you have 1 new key you can put the new key at the top and it will be used as the default

rupurt avatar Dec 03 '24 05:12 rupurt

theres no work around, you just shouldn't use ssh agent this way because they didn't think this through. What I'm gonna have to do is basically add each dependency as a subtree in each repository which really sucks I'm mad about it but whatever do it, don't look back and be done with it.

paigeadelethompson avatar Dec 06 '24 22:12 paigeadelethompson

Just bumped into this. Same result: whichever key is first is used, the rest seem to be ignored.

Maybe this setup should not be advertised in the frontpage/readme, given that it is known not to work. More people will bang their head against this.

https://github.com/webfactory/ssh-agent/pull/238/

mprimi avatar May 08 '25 22:05 mprimi

Suggested workaround for whoever is reading this: set and use one key at the time.

For example i want to refresh 2 submodules that have 2 different deploy keys. The following seems to work:

      - name: Add SSH key for private submodule A
        uses: webfactory/[email protected]
        with:
          ssh-private-key: ${{ secrets.SUBMODULE_A_KEY }}

      - name: "Update submodule A"
        run: |
            git submodule update --init --remote --checkout --recommend-shallow path/to/A.git

      - name: Add SSH key for private submodule B
        uses: webfactory/[email protected]
        with:
          ssh-private-key: ${{ secrets.SUBMODULE_B_KEY }}

      - name: "Update submodule B"
        run: |
            git submodule update --init --remote --checkout --recommend-shallow path/to/B.git

mprimi avatar May 13 '25 22:05 mprimi

Bumped into the same issue today, is there a fix planned?

JvdsReform avatar May 21 '25 13:05 JvdsReform

Hello, I had the same issue today :

- name: Setup SSH agent
   uses: webfactory/[email protected]
        with:
          ssh-private-key: |
            ${{ secrets.DEPLOY_KEY_APP_A }}
            ${{ secrets.DEPLOY_KEY_APP_B }}

AurelienPOLLET avatar Sep 11 '25 14:09 AurelienPOLLET