Invalid key format - Githubissues

Aeris1One commented 4 years ago

Bug description

Invalid key format. I'm sure the key is correct: I use it personally to connect to the server.

My config

on: push
name: Deploy to CI over SFTP
jobs:
  FTP-Deploy-Action:
    name: FTP-Deploy-Action
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
      with:
        fetch-depth: 2
    - name: deploy file
      uses: wlixcc/SFTP-Deploy-Action@v1.0
      with:
        username: 'aeris'
        server: 'ci-apps-dev.yunohost.org'
        private_key: ${{ secrets.DeployKey }} 
        local_path: './*'
        remote_path: '/data/pterodactyl_ynh' #make sure dir exist
        args: '-o ConnectTimeout=5'

Logs

sftp start
Warning: Permanently added 'ci-apps-dev.yunohost.org,51.15.209.133' (ECDSA) to the list of known hosts.
Debian GNU/Linux 9
Load key "../private_key.pem": invalid format
aeris@ci-apps-dev.yunohost.org: Permission denied (publickey,password).
Connection closed

wlixcc commented 4 years ago

Make sure your file format is correct with .pem , this action generate pem file connect to server

I have modified the private key, this is an example

zkrising commented 4 years ago

Hi. I'm also having this issue. I've tried generating some brand new .pem keys to see if those are accepted as valid input, but they don't appear to be accepted.

MIIEoQIBAAKCAQEAk8Iae64JZwnN8zstLd0Uz32p+qCRGRvlgYaJEKProLeWThmU
6tyC5ba2cp1dhy9f3tSbteJdeR6ZUqvTVoP1tkOqd/+y+RXmccR3siDMDAaBaj/1
fpDMHIUZTsmtaoYB5Hb4WrcEVJV4wjB17mK9joVQE6H/HYkAQxHNFZlisuHQ4Kws
cGip8FIrbsw744S9DFCi+lrL4OI9GdB2/4LbM/wphTXKuOgyYhw8CPgxb/LR6Pwp
DuNWueHrvLARiYze0P8hWVK6ja5RcpO7eLnIy2DqZIX1ZFLBdUusPtZwZ+HS/zyM
pP3/VIFLh2JsBi9KmqPXuxbjyCDqO9GpnlmZUQIBJQKCAQAv6+zp15RYxOjZQ5/z
MvH+GusFLSgj0bI32Jsn/c/hGPJ6Mc9uxA7HCtNjcU7ED11dBq8KjprbLITA3cgA
YiYtRmDM+PvGZ/e2MeGhjhip9EWl6zrc8LDmp7UuTz8pd5HpO1d3XfORDeH5yocc
4cDv8+KelWd/M1oH6hkAFhIsLQ4tH2o9cfWhnPFIfTZZb5JS1V+t9+MwxkUCYbaz
vZmU54JRbxTPqCOT3i+8Ph/Qb/FrSkuu7927Bd3XOKiza1Zn8eTTxQOfMZXNhxkG
3wPcMtLqCgQmfX2N1n0oKycyrTh4612q9JMscBaSEbsdMPZKWG2SiyyDm2xlaDtW
rKvtAoGBAPYvZkHTwfmTQBvWak4nMlXkaWAZups4myC31GA0fgLoEXYLWp79Gxqe
U4I7feQvXVJzMPpaGyA7yOrBcX/FUMT0hwEHL6wKk0MIZ+jnRpwbyE6CA0ZSbBof
Pfe3gL7dTg/Io3qGBAJ3aytc4Mb3hw1coKdmUTV7gCa3EdiC8pwFAoGBAJmmJQ20
h1BVbiejioYoj7lTKrEy497R48eapCN2Julrdjb+xKuQ2/9mhlFJEBXTPFcVphqu
ufV9cZT4+ombBnob+PQag5itl4CFy0Vm7jYd++bmOSJF47mLYwf2JfiuUv/Bw1v6
h+G+vIU9daQfUUXYx957mI+21t/2vm960pXdAoGBAMecDbjVNX5ACndvlHa3/0yP
r2KtE9fNCChdsx2SWFViN6vR2sYZVD8Ylrye8HPTYGxdZftrp0qRVswuJKzJf8JJ
uZIhgJlUrsC6tR20mh21qVRpanBegSnv0WERU6GshHuAFdj3CiuDa6aeVWMN4x+X
NibdVpoRG8xdFWNxF7zFAoGAHRGYTrNzi70irY2klev/g+0jwKjDU6srF+zS8fPC
LCkWXW54PCJTInsuKw3SnFhlXJVknUOmpBDQTJ3OiLx22NTcEoGOhKs4VpXaWTz8
onRgFu1JFFJpWnRRAYGYeyfmMGLtm8edKrVh77GueP8BicE6keAIGzBt11gx3b1K
b2ECgYABNqKnwtt9W04X4B4WaVTFibENBrXmJBnJ7eNHpLexdJ+5U5LlxiSeVzTM
0y2Sur8zWNRBr2goK89WasiHQCYeoSc8YHcyt1CciL1FksbJs7dc7G3V2Q+xAmGa
gwou2roQgp7v0zk9Fc6dqVyb74h+S6uY1nFL2zuCpJGe0cl5lw==
-----END RSA PRIVATE KEY-----

Here's a key that gives me the log Load key "../private_key.pem": invalid format

is there something else to it? Thank you.

wlixcc commented 4 years ago

@zkldi forget "-----BEGIN RSA PRIVATE KEY-----" ?

zkrising commented 4 years ago

No, sorry; just a mistake in my formatting:

Aeris1One commented 4 years ago

Why closing, as @zkldi said, there's a bug.

wlixcc commented 4 years ago

@Aeris1One as @zkldi say "just a mistake in formatting"

Aeris1One commented 4 years ago

The mistake in formatting is in the comment. Look at the screenshot ^^

wlixcc commented 4 years ago

hi, @Aeris1One I have tested it. If the correct format is used, I have not reported an error here

elmokono commented 4 years ago

Hi, having the same problem, I've added the PEM content into a secret "SSH_PRIVATE_KEY" (including the header and footer but still having the same error as mentioned.

What's the correct way of specifing the key?

Thank you

wlixcc commented 4 years ago

@elmokono It seems that this problem exists, but there is currently no more information for me to test. I also don't know exactly where the problem occurred. This action will extract the secret and generate a pem file for verification. You can try to use sftp to connect to the server directly

kronosboy commented 4 years ago

here having the same issue. Added the content of the .pem key in a secret variable in my git repo > Settings > Secrets. why the log says: "Load key "../private_key.pem": invalid format" ?

Anyone interested you can create your own script to connect to your SFTP with the following instruction. Note I use the same key defined in the secret as @wlixcc says.

on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]
jobs:
  deploy_job:
    runs-on: ubuntu-latest
    name: deploy
    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: create ssh folder
        run: mkdir /home/runner/.ssh/

      - name: create know hosts
        run: ssh-keyscan -H your.ftp.host > /home/runner/.ssh/known_hosts

      - name: create private key
        run: touch /home/runner/.ssh/private_key.pem

      - name: copy private key
        run: 'echo "$SSH_KEY" > /home/runner/.ssh/private_key.pem'
        env:
          SSH_KEY: ${{secrets.SFTP_PASSWORD}}

      - name: change permission to private key
        run: chmod 400 /home/runner/.ssh/private_key.pem

      - name: sftp run
        run: sftp -i /home/runner/.ssh/private_key.pem your-user@your-host

Exitare commented 4 years ago

Getting the same error. Load key "../private_key.pem": invalid format.

The provided secret is valid.

kevquirk commented 3 years ago

+1 for the "invalid format" error. I can login to my server using the same key.

I tried generating a new key pair in ubuntu with ssh-keygen -t rsa and used that instead, still get the same error though.

timschneeb commented 3 years ago

As mentioned here: https://serverfault.com/a/941893, it looks like some versions of ssh-keygen don't export keys in the old PEM format anymore by default. You can try to explicitly force PEM like this: ssh-keygen -m PEM when generating a new key pair.

eryajf commented 3 years ago

ssh-keygen -m PEM

Thank you, this is useful to me.

mrunkel commented 2 years ago

In case anyone else gets here. This has nothing to do with the format of the PEM file. In my case, I had created an Environment Secret instead of a Repository secret, so nothing was being passed to the container.

Stolzenberg commented 2 years ago

Okay, so we can't use organization environment secrets. The key must be placed in the repository secrets section (as mentioned in the readme lol) and it must be ssh-keygen -m PEM. Then it will work.

wlixcc commented 1 year ago

If you use the Ed25519 algorithm to generate an SSH key pair ssh-keygen -t ed25519 -C "your_email@example.com", you need to note that the last line of the private key is a blank line. You need to keep it when adding Repository secrets, otherwise it may lead to an 'invalid format' error.

guicaiyue commented 5 months ago

Load key "../private_key.pem": invalid format 我用 ssh-keygen -m PEM 造出的文件，只有id_rsa和id_rsa.pub，为什么会告警 private_key.pem

yasirmturk commented 4 months ago

You should not set a Passphrase (keep it empty) for the private key you generated

wlixcc / SFTP-Deploy-Action

Invalid key format #1

Bug description

My config

Logs