search

jeremmfr / terraform-provider-junos

Terraform provider for Junos devices
https://registry.terraform.io/providers/jeremmfr/junos
MIT License
62 stars 22 forks source link

Error with SSH private key for authentication #696

Closed baldpope closed 2 months ago

baldpope commented 2 months ago

I think this is a duplicate of https://github.com/jeremmfr/terraform-provider-junos/issues/40

Very basic example...

main.tf:

terraform {
  required_providers {
    junos = {
      source = "jeremmfr/junos"
    }
  }
}

# Configure the Junos Provider
provider "junos" {
  ip         = var.junos_host
  sshkeyfile = file(var.sshkeyfile)
}

# Disable an interface
resource "junos_interface_physical_disable" "interface_demo" {
  name = "ge-0/0/3"
}

variables.tf:

variable "junos_host" {
    type = string
    description = "the management IP address of the device you want to manage"
    default = "192.168.1.254"
}

variable "sshkeyfile" {
    description = "private key"
    default = "/../credentials/id_rsa"
}

and then the command output

$ terraform.exe apply -auto-approve

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # junos_interface_physical_disable.interface_demo will be created
  + resource "junos_interface_physical_disable" "interface_demo" {
      + id   = (known after apply)
      + name = "ge-0/0/3"
    }

Plan: 1 to add, 0 to change, 0 to destroy.
junos_interface_physical_disable.interface_demo: Creating...
╷
│ Error: Start Session Error
│
│   with junos_interface_physical_disable.interface_demo,
│   on main.tf line 16, in resource "junos_interface_physical_disable" "interface_demo":
│   16: resource "junos_interface_physical_disable" "interface_demo" {
│
│ creating new SSHConfig with file private key: open -----BEGIN OPENSSH PRIVATE KEY-----
│ b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn
│ NhAAAAAwEAAQAAAQEAtMw5l0cXVLMAbEmLMjixyDzHDnnw7Ir6YG5+PXhyL0O9Yl5s93n0
│ Y0HM8u5TLc2FiHsAAAASdGVycmFmb3JtQGV6bGFuLmlvAQ==
│ -----END OPENSSH PRIVATE KEY-----
│ : The filename, directory name, or volume label syntax is incorrect.
baldpope commented 2 months ago

No issue, I mis-read documentation based on authentication. The working example is as such:

main.tf:


# Configure the Junos Provider
provider "junos" {
  ip            = var.junos_host
  username      = var.junos_user
  sshkey_pem    = file(var.sshkeyfile)
}

I'll close this issue as user error.

jeremmfr commented 2 months ago

Hi :wave:

Yes, the provider attribute sshkeyfile expects the file path, not its contents.

Two solutions for your case:

provider "junos" {
  sshkey_pem = file(var.sshkeyfile)
}

or

provider "junos" {
  sshkeyfile = var.sshkeyfile
}