jenkins pipeline fail - ERROR: Failed to run ssh-add ; says error loading key - invalid format

Question

I'm trying to ssh into ec2 from jenkins, i have set the credentials in jenkins global with key downloaded from aws i,e "something.pem" . I copied the contents and pasted. not sure why jenkins is not able to read from the private key

`SSH_AGENT_PID=2612
Running ssh-add (command line suppressed)
Error loading key "/var/jenkins_home/workspace/ultibranch-pipeline_jenkins-           
jobs@tmp/private_key_8683577244018302829.key": invalid format
[Pipeline] // sshagent
[Pipeline] End of Pipeline
ERROR: Failed to run ssh-add
Finished: FAILURE`

i looked for solution but mostly they say its because of a line break at the end of the RSA private key line, i did add a line break and ran the pipeline but it fails eventually

Answer 1

Make sure you also include

-----BEGIN OPENSSH PRIVATE KEY-----

and

-----END OPENSSH PRIVATE KEY-----

This was the reason it kept failing for me.

Answer 2

Not sure if this till interesting for anybody... I had the same issue as the TO. It seems to be a problem with character encoding (especially line break) when copying the key from the .pem file into Jenkins web interface on different OS platforms (e.g. Linux / Windows). In my case copy paste of the key from the pem file into Jenkins web interface on the same machine (Linux) solved the problem.

Answer 3

This might be an issue with key format. EC2 gives PEM-formatted keys, and ssh currently uses different format (lengthy explanation here). You can see the difference in the header, PEM file uses

-----BEGIN RSA PRIVATE KEY-----

and ssh keys

-----BEGIN OPENSSH PRIVATE KEY-----

There are ways to convert the keys back and forth, but by far the easiest way is to try to generate a new key:

ssh-keygen -b 2048 -t rsa

Then try to import that key to Jenkins (copy paste generated ~/.ssh/id_rsa contents). If that succeeds, log in to the destination EC2 hosts and append the line from ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys.