Adding SSH keys fails

ssh
keys

#21

This worked for us, @fidenz-chim!


#22

This is the only thing that works.


#23

Same issue. no passphrase. RSA 2048.

-----BEGIN OPENSSH PRIVATE KEY-----
....redacted.....
-----END OPENSSH PRIVATE KEY-----

Is there a bug?

I also manually updated to

-----BEGIN RSA PRIVATE KEY-----
....same redacted contents as above.....
-----END RSA PRIVATE KEY-----

… with no luck.


#24

Hey all, I’ve just encountered this bug, and found the following solution:

Many technical docs from github, atlassian, etc, suggest you run:

ssh-keygen -t rsa -C "your_email@example.com"  # bad

However, recent updates in ssh-keygen and associated libraries (for me, LibreSSL 2.6.4 on mojave 10.14.1, though I’m not 100% when/where it was introduced) mean that you end up getting a key that has the following header and footer:

-----BEGIN OPENSSH PRIVATE KEY-----
-----END OPENSSH PRIVATE KEY-----

GitHub understands these keys, but CircleCI returns a HTTP 400 when trying to add this as a SSH Key

The solution I found was to change the ssh-keygen command to include -m PEM

ssh-keygen -m PEM -t rsa -C "your_email@example.com"  # force PEM format

This specifically tells ssh-keygen to use the PEM format (which was(?) the default, but not anymore), and outputs a key with the usual header/footer:

-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----

Which I can then upload in the SSH Key settings screen.

I hope this helps!


#25

You rock glasnt!


#26

Thanks glasnt, that sorted me too! :slight_smile:


#27

Thanks a ton, @glasnt!
I created a PR for the CircleCI docs


#28

This was my issue too! Thank you!


#29

@glasnt Thanks! That fixed it for me too.


#30

Well i’ve tried everything listed in this thread… Even
ssh-keygen -m PEM -t rsa -C "your_email@example.com" # force PEM format

and i still get error 400 bad request.

Why don’t circle ci generate keys automatically like bitbucket?

Anyone else know how i might resolve this? I’m using high sierra 10.13 to generate keys

Now sorted. The above worked thanks


closed #31

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.


opened #32

#33

-m PEM Worked for me too


closed #34

This topic was automatically closed after 14 days. New replies are no longer allowed.