TritonDataCenter / triton-kubernetes

Kubernetes on Triton
Mozilla Public License 2.0

Unable to parse private key: ssh: cannot decode encrypted private keys #165

Closed wanghaisheng closed 3 years ago

wanghaisheng commented 3 years ago

(base) wenke@wenkedeMac-mini ~ % ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/wenke/.ssh/id_rsa):
Created directory '/Users/wenke/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/wenke/.ssh/id_rsa.
Your public key has been saved in /Users/wenke/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:SW8CMQ0XWLk8e77/x4j9lNMq1P0ToeGLYXLPHKgmm3s wenke@wenkedeMac-mini.local
The key's randomart image is:

(base) wenke@wenkedeMac-mini ~ % triton-kubernetes create manager
✔ Backend Provider: Local
create manager called
✔ Cloud Provider: Triton
✔ Cluster Manager Name: k2000
✔ Private Registry: None
✔ Rancher Server Image: Default
✔ Rancher Agent Image: Default
✔ Set UI Admin Password: **
✔ Triton Account Name: k2000
✔ Triton Key Path: ~/.ssh/id_rsa
✔ Private Key Password: **
Unable to parse private key: ssh: cannot decode encrypted private keys

wanghaisheng commented 3 years ago

Once I recreated the key with

    ssh-keygen -t rsa -b 4096 -N ''

everything worked.

wanghaisheng commented 3 years ago

Error parsing private key: asn1: structure error: tags don't match (16 vs {class:1 tag:15 length:112 isCompound:true}) {optional:false explicit:false application:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} pkcs1PrivateKey @2

wanghaisheng commented 3 years ago

https://github.com/joyent/triton-kubernetes/issues/152

Managed to track this down to a new SSH key format issue. Keys using the old format have BEGIN RSA PRIVATE KEY in the key file - these keys are working fine.

Keys with the new format BEGIN OPENSSH PRIVATE KEY fail with the asn1 error (above).

Have not spent more time on this, likely related to the Go SSH library.

wanghaisheng commented 3 years ago

macos

wanghaisheng commented 3 years ago

(base) wenke@wenkedeMac-mini ~ % ssh-keygen -p -m PEM -f ~/.ssh/id_rsa

(base) wenke@wenkedeMac-mini ~ % ssh-keygen -p -m PEM -b 1024 -f ~/.ssh/id_rsa

still

Error parsing private key: asn1: structure error: tags don't match (16 vs {class:0 tag:1 length:73 isCompound:true}) {optional:false explicit:false application:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} pkcs1PrivateKey @2

blackwood821 commented 2 years ago

I'm getting this error too and I'm wondering why the issue was closed. Can't the code that parses the private key be modified to handle both formats?
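
An added example, not part of the thread or of the triton-kubernetes code: a standard-library Go sketch that identifies which of the two containers discussed above a key file uses, and whether it is passphrase-protected, before any parser is chosen. `InspectKey` and `sampleOpenSSH` are hypothetical names, and the sample input is a constructed header with no key material.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"encoding/pem"
	"errors"
	"fmt"
	"strings"
)

const opensshMagic = "openssh-key-v1\x00"

// InspectKey reports the container ("pkcs1" or "openssh") and whether the key
// is passphrase-protected, so a caller can choose a parser up front.
func InspectKey(data []byte) (format string, encrypted bool, err error) {
	block, _ := pem.Decode(data)
	if block == nil {
		return "", false, errors.New("no PEM block found")
	}
	switch block.Type {
	case "RSA PRIVATE KEY": // old format; encryption is flagged in a PEM header
		return "pkcs1", strings.Contains(block.Headers["Proc-Type"], "ENCRYPTED"), nil
	case "OPENSSH PRIVATE KEY": // new format; not ASN.1, so PKCS#1 parsing fails
		rest := bytes.TrimPrefix(block.Bytes, []byte(opensshMagic))
		if len(rest) == len(block.Bytes) || len(rest) < 4 {
			return "", false, errors.New("malformed openssh-key-v1 header")
		}
		n := binary.BigEndian.Uint32(rest)
		if uint64(n) > uint64(len(rest)-4) {
			return "", false, errors.New("truncated cipher name")
		}
		// The first field is the cipher name; "none" means no passphrase.
		return "openssh", string(rest[4:4+n]) != "none", nil
	}
	return "", false, fmt.Errorf("unsupported PEM type %q", block.Type)
}

// sampleOpenSSH builds a constructed header-only container (no key material).
func sampleOpenSSH(cipher string) []byte {
	n := make([]byte, 4)
	binary.BigEndian.PutUint32(n, uint32(len(cipher)))
	body := append(append([]byte(opensshMagic), n...), cipher...)
	return pem.EncodeToMemory(&pem.Block{Type: "OPENSSH PRIVATE KEY", Bytes: body})
}

func main() {
	for _, c := range []string{"none", "aes256-ctr"} {
		f, enc, err := InspectKey(sampleOpenSSH(c))
		fmt.Println(f, enc, err)
	}
}
```

Branching on the result lets a tool report "passphrase required" or "OpenSSH container" explicitly instead of surfacing a raw asn1 error from a PKCS#1 parser.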