CircleCI does not support PKCS#8 ssh keys

ssh
keys
deployment

#1

Right now, CircleCI only support PKCS#1 ssh keys (BEGIN RSA PRIVATE KEY) which is deprecated.
Latest ssh-keygen versions don’t allow anymore to generate them and use PKCS#8 as default (BEGIN OPENSSH PRIVATE KEY). Sadly, CircleCI consider them as invalid.

Is it possible to allow PKCS#8 keys which is now the default ssh private keys format and which by the way also allows to use more secure ECDSA keys (or any other supported encryption as the encryption protocol is noincluded into the key)

NB: See https://stackoverflow.com/questions/20065304/differences-between-begin-rsa-private-key-and-begin-private-key or https://crypto.stackexchange.com/questions/35093/why-ssh-gen-makes-difference-between-pem-and-pkcs8 for details about their differences and why PKCS#1 is deprecated.


#2

I’d suggest adding this to the ideas list.