Reputation: 301
How to read/write SSH Private key (id_rsa)
As part of an automated Cloud Init setup, I am auto generating public/private keys for users, reading them from file and then saving them in bash variables like so
public_key=$(cat /path/to/id_rsa.pub)
private_key=$(cat /path/to/id_rsa)
Then I write them to the target machine through Cloud Init like so
- sudo -H -u aryan bash -c 'echo "$public_key" > ~/.ssh/id_rsa.pub'
- sudo -H -u aryan bash -c 'echo "$private_key" > ~/.ssh/id_rsa'
The public key is written correctly, but the private key is written to a single line and then SSH complains that it is the wrong format. I am expecting this
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCpOipW5Xyjc9jLE6AX/0HktpZtyokJap9k5njJl3uw7VpcUITW
3UzHHZor4b4N1x8wp17Y0udPsrcPtfJR+pVSr0s6ZMkjX0B7J5jE64iPlVOkO+ww
b4CMlonViWeTJ/+gSLkfC2EDfSqPTEOWx44Vs7Mt2qi5Rvq/Po81NDrK2QIDAQAB
AoGAcklZ9r2dYzYFn4BtikdVVQUKqrMxwS5E33vW7y5i1qY1dErcq89g3shbKm+W
TvqNkeo23+/vT5++idmzATJeTQ+uhRidPrU6XTWd4I8LvHB6dYIGKpGuciv4NWG0
3CLDt5IRLpAJ8qAl3tmitWadZw7lJtGAWg+7zdbIoP07XhECQQD32vBAwePlB/ZY
CsRNeIDUWtAGaxqBvssmbh4wfCYZDH+3BJbyMG0AWycE0YLZLlACKzTUu5PC8CKu
zQBKb02LAkEArsnGdJ7ipDTZZWl1Q42M494SfQUA9+he12WU6O2o2BJqr8cVRG2V
BJHHXvdHB+xWRMpo0vxTiGdDIDqPwfPdqwJBAMBpkgvjuYSqur48lYpC21h/q3Dg
IrLIqDMMV5lyN61Ie7lb8cbQez5EhTUDZN4vSuN0IU5o1FwIShSDhw9B+uMCQFwN
UiJLJ0uZtcCOCL76BnBfnVcQUpE9ZO2FxyXhPGIHWP6YF6BBIhEVAW4HRvZqRojW
HNy5HPkigRyxGtLnrx8CQFWZtrGiBIrYRsrf9fwXv4DTB5z7sQLEf8x2dwvif34O
+bYMoDJPewr3ti88KJP4rubmIS9PTCAJxEfMBPkZHvE=
-----END RSA PRIVATE KEY-----
But instead I have this (truncated)
-----BEGIN RSA PRIVATE KEY-----MIICXAIBAAKBgQCpOipW5Xyjc9jLE6AX/0HktpZtyokJ...
Question: How do I correctly read a private key into a variable and then write it to a text file
Note: The easiest way would be to simply copy the file but I don't think Cloudinit supports cp/scp. If it does, please do let me know how
Upvotes: 2
Views: 3230
Answers (2)
Reputation: 19
What you can do for cloud-init ssh setup, is to generate the private and public key before the deployment and then use cloud-init to deploy the servers with those ssh keys. This way, you will always have the same private key on your computer and be able to ssh into the new servers. Also it might be a security issue if the wrong people have access to the cloud-config file
Sample code:
ssh_authorized_keys:
- ssh-rsa AAA... user@server
ssh_keys:
rsa_private: |
-----BEGIN RSA PRIVATE KEY-----
MIIEpwIBAAKCAQIA3FurAzWIiBuNd1ew2sM3s/eOg+Sf9nSQPcEzNyNTkhxSwkxf
3fgNlSpoBc1s7XD9DefpzGT/lxZzVQcQGJ7NnxddRKOH8Uhhp75L3Q18L4z4bZNM
zX5ngtZopa4SoFWiMCVljXeWy4CpuQdpD8N9Bpb+9IYCVOzitnrD2UM2ubf6imOq
Saeiyi3/SdftcUO3uhjemLkg9d2nwvfbJUqSFR4NGR5nsOxxMC4tnxylDRN88qE3
fSrSQHY+qTu+3mKQ6J7VKUM7e0jRD/vQK64V0f6AqKLxta7XFeA8sIa0qbGNQHBk
Zg+OOFYUz4x0qbwmwuQR9RS6HnBLXvdcZb36nXkCAwEAAQKCAQEfx+jGMbZbSv4A
NFmBc55ZCl83joWzmeQjw/WLAkFPVV5qP3GkJd5voQoXrCUFqcIVe1kw7XAfblF7
9eTQaDbntwrwl1VH61SKSNvQKd27Tf2WgCQXjx+Gsz2sh4qQLUmTABHBcXoCJ7BS
y0rPxzYE+UoUIi+7595ayyHr99Gwv1/N78xw7PS+oyxmn4rsbFYfWbkKWKgbizAm
oxM5EE1g1Mn9m0ocruYzTiPIHLGMsfeqMDzHG7lK0rTL0nqFP/QegZkSE0hQ/fJm
gS44NnFQ1HeQB3GCbgJlQFNVNHPueZevEemZ5QEuPIhYmG8+GlGRl9aFto9BGDa7
z0Ct29HeAQKBgQ95Z86CIZIsSWhjt0ZjW0DzFd6JQC+gKxmxcaELZPL+M0jh2zMV
9jCIPERV4RKwzttKm/tGz2Zh+FsToi0Ie1TW4uVArGcFeX+XsTIrcIyIwzoFixR1
k2Rv9ZwJGQgapTokhoVidAMRUIZfN/2HH4y2ZnIdOUDpP8FpknFiTXFoEQKBgQ49
hWHFwKFB6sprKq+dJkFgNEhtdn4q0K5NrBgwHm6h2sO3tyIwVMCmhwHtBnEQOovg
W7dM/GYqpxE76qaJBoHFht0RGPxt1wbQRbjwZ78KdMrLa+RZlFRVdPU5QXEcYu+H
jqIiTf/aDl69cdQ8dkJoGwjjT80R4t2zy+7iKqqG6QKBgQbqYhsniytRgYkWr2zU
sI6pVMe3nSPrt/dmlvq7JeV296Kf1bnSAdGUwSJlIw6AWCInCOjWr4/5Ds5dSuhH
Vx8GXibIrYPpLXB5caaTRVx5Lo66tXpyRWnoo2KVqks15UvD0R7BbkmErnEvEs3K
Wq4/Qi+Toe3Blk2xCdKEdUnOkQKfgQLZXC5LmlapEYieGFQ6ZMT/snYrMGHdvxKg
h6XvOqd3yoUN5J36fXpt1uUTvw4v6QbDRJZP2M+4COTxz+ix0ZN1KZ5hJVabw0Gh
udFeh+M4/FT2jgeJxJt63YOSiP1QaJrzzB20L1bZEbbywCtuTVrL6VzF3dlxkqo4
pryMk2y6wQKBgQ3MpmrMTRS3bA7h6qMvaZep6Pke6gsXSgGpbU9mFB2ja8IKIVLZ
iVLjmcN1ItqKtYbD01WURkcV3ne+E9bbDYrBQmPDfaO+VbUgBVTjmybLpamrci5k
DcDQVCymHy0EwAqGOuWKM8EgbxuTKDGuUX9Q0TI23fwTc9rB6j3FEAnyvQ==
-----END RSA PRIVATE KEY-----
Upvotes: 0
Reputation: 16042
You need to quote your command substitution to preserve newlines:
private_key="$(cat /path/to/id_rsa)"
Upvotes: 1
Related Questions
- How to specify the private SSH-key to use when executing shell command on Git?
- Openssh Private Key to RSA Private Key
- Specify private key in SSH as string
- convert ed25519 private ssh key to RSA private key
- Load private key manually with ssh
- How to use private key with ssh login on Mac terminal? My attempts result in `Load key "/path/to/privatekey": invalid format`
- Accessing own ssh key generated in a Macbook
- ssh script gives "key_read" error
- How to pass private key as text to ssh?
- ssh: id_rsa not accessible - how do I get it?