Publish over SSH invalid private key

Question

I use Publish over SSH in Jenkins to connect to remote server. I already have a private key(in OpenSSH format starts with -----BEGIN OPENSSH PRIVATE KEY-----) that works perfectly from shell under jenkins user but when I use it from web interface it throws jenkins.plugins.publish_over.BapPublisherException: Failed to add SSH key. Message [invalid privatekey: [B@4bba7224]

At the same time I generated another key on Jenkins machine (Debian GNU/Linux 9 in Docker) and copied id_rsa.pub to remote machine. This key is different and starts with -----BEGIN RSA PRIVATE KEY----- and for this key error is Message [Auth fail] so it understand the key.

Answer 1

You use this command to generate new keypem

ssh-keygen -m PEM

The keypem start with

-----BEGIN RSA PRIVATE KEY-----

sshCommand in Jenkins will accept this key

withCredentials([sshUserPrivateKey(
    credentialsId: 'server', 
    usernameVariable: 'USER', 
    keyFileVariable: 'KEY_FILE'),
    string(credentialsId: 'server-ip', variable: 'EC2_IP')
]) {
    def remote = [:]
    remote.name = USER
    remote.host = EC2_IP
    remote.user = USER
    remote.identityFile = KEY_FILE
    remote.allowAnyHosts = true
    sshCommand remote: remote, command: "pwd"
}

Answer 2

I just came across the same issue. The plugin was confused by the newer OpenSSH format (I also had a private key starting with -----BEGIN OPENSSH PRIVATE KEY-----).

I saved the key and loaded it in PuTTyGen, then Conversions-> Export OpenSSH Key (notice there is a "Export OpenSSH Key (force new file format)" which we don't want. This is on Windows obviously; I'm not sure what equivalent would be on other OS'es.

My newly exported key started with -----BEGIN RSA PRIVATE KEY-----and the plugin accepted it after this.