Reputation: 2379
Getting 'Error loading key "(stdin)": error in libcrypto' when trying to add SSH key to GitLab CI pipeline
I'm trying to add a SSH key to a GitLab pipeline. The SSH key is in ED25519 format and saved as a group environmental variable and as a file in GitLab. When I saved the contents of the SSH key in GitLab I hit 'return' to add another line. When I try to load the SSH key into a pipeline I get Error loading key "(stdin)": error in libcrypto. I also tried manually adding a new line in the pipeline YAML by using echo >> "$PIPELINE_SSH_KEY" but got the same error. I'm following what is recommended in the GitLab documentation about adding a newline but it doesn't work. Do I need to add the newline in a different way?
Here's part of my GitLab YAML:
script:
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client git -y )'
- eval $(ssh-agent -s)
- echo >> "$PIPELINE_SSH_KEY"
- echo "$PIPELINE_SSH_KEY" | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- ssh-keyscan $CI_SERVER_HOST >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
Upvotes: 8
Views: 29707
Answers (5)
Reputation: 9588
Use 'File' as variable type!
Add a newline after your SSH Key!
See How to push changes from pipeline!
Upvotes: 0
Reputation: 559
I had that error because file with private key was not ended with the new line. Once I have added new line to the end of the file - problem has gone.
Upvotes: 7
Reputation: 11
I resolved this issue by just saving private key as a variable not a file.
And if you save private key as file then do this
script:
- apt-get update -y
- apt-get install -y openssh-client
- eval $(ssh-agent -s)
- cat $pem_file >> key.pem
- chmod 600 key.pem
- ssh -tt -i key.pem -o StrictHostKeyChecking=no ec2-
[email protected]
Upvotes: 1
Reputation: 2379
I figured out the issue. I added the wrong key. I added the public key when it should have been the private key. Once I added the private key and added the bash commands shown in this GitLab documentation page in step 3: https://docs.gitlab.com/ee/ci/ssh_keys/#troubleshooting, everything worked. I had to add the public key as a deploy key in GitLab as described here: https://docs.gitlab.com/ee/user/project/deploy_keys/#create-a-public-deploy-key
Upvotes: 11
Reputation:
I struggled with this myself the last few days. None of the documentation or rare blogged solutions worked. I’m not going to claim this is the correct way but I ended up doing this:
before_script:
- apt-get update -qq
- apt-get install -qq git
- 'which ssh-agent || ( apt-get -qq install openssh-client)'
- eval $(ssh-agent -s)
- chmod 600 "$SSH_KEY"
script:
- ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no [email protected] "cd sites/target_dir && git pull"
Upvotes: -1
Related Questions
- How to specify the private SSH-key to use when executing shell command on Git?
- GITLAB CI Error loading key "/dev/fd/63": invalid format ERROR: Job failed: exit code 1
- Getting permission denied (public key) on gitlab
- gitlab-ci SSH key invalid format
- How to add ssh private key from Gitlab CI variable with ssh-add?
- Windows 10 OpenSSH ssh-add "agent refused operation" (GitLab Windows Shared Runner)
- GitLab CI: SSH fail, unable to authenticate private key