Hey all, I’ve just encountered this bug, and found the following solution:
Many technical docs from github, atlassian, etc, suggest you run:
ssh-keygen -t rsa -C "your_email@example.com" # bad
However, recent updates in ssh-keygen and associated libraries (for me, LibreSSL 2.6.4 on mojave 10.14.1, though I’m not 100% when/where it was introduced) mean that you end up getting a key that has the following header and footer:
-----BEGIN OPENSSH PRIVATE KEY-----
-----END OPENSSH PRIVATE KEY-----
GitHub understands these keys, but CircleCI returns a HTTP 400 when trying to add this as a SSH Key
The solution I found was to change the ssh-keygen command to include -m PEM
ssh-keygen -m PEM -t rsa -C "your_email@example.com" # force PEM format
This specifically tells ssh-keygen to use the PEM format (which was(?) the default, but not anymore), and outputs a key with the usual header/footer:
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
Which I can then upload in the SSH Key settings screen.
I hope this helps!