Getting 'Error loading key "(stdin)": error in libcrypto' when trying to add SSH key to GitLab CI pipeline

Asked 8/2, 2024 at 19:11 Answered 8/10, 2024 at 13:41

I'm trying to add a SSH key to a GitLab pipeline. The SSH key is in ED25519 format and saved as a group environmental variable and as a file in GitLab. When I saved the contents of the SSH key in GitLab I hit 'return' to add another line. When I try to load the SSH key into a pipeline I get Error loading key "(stdin)": error in libcrypto. I also tried manually adding a new line in the pipeline YAML by using echo >> "$PIPELINE_SSH_KEY" but got the same error. I'm following what is recommended in the GitLab documentation about adding a newline but it doesn't work. Do I need to add the newline in a different way?

Here's part of my GitLab YAML:

script:
    - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client git -y )'
    - eval $(ssh-agent -s)
    - echo >> "$PIPELINE_SSH_KEY"
    - echo "$PIPELINE_SSH_KEY" | ssh-add -
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    - ssh-keyscan $CI_SERVER_HOST >> ~/.ssh/known_hosts
    - chmod 644 ~/.ssh/known_hosts

Heffner answered 8/2, 2024 at 19:11 Comment(0)

I figured out the issue. I added the wrong key. I added the public key when it should have been the private key. Once I added the private key and added the bash commands shown in this GitLab documentation page in step 3: https://docs.gitlab.com/ee/ci/ssh_keys/#troubleshooting, everything worked. I had to add the public key as a deploy key in GitLab as described here: https://docs.gitlab.com/ee/user/project/deploy_keys/#create-a-public-deploy-key

Heffner answered 20/2, 2024 at 16:44 Comment(1)

ssh private key ? deploy tokens ? – Minimalist 23/10, 2024 at 14:34

I resolved this issue by just saving private key as a variable not a file.

And if you save private key as file then do this

script:
    - apt-get update -y
    - apt-get install -y openssh-client
    - eval $(ssh-agent -s)
    - cat $pem_file >> key.pem
    - chmod 600 key.pem
    - ssh -tt -i key.pem -o StrictHostKeyChecking=no ec2- 
      [email protected]

Orbiculate answered 14/7, 2024 at 16:33 Comment(0)

I had that error because file with private key was not ended with the new line. Once I have added new line to the end of the file - problem has gone.

Slum answered 8/10, 2024 at 13:41 Comment(0)

I struggled with this myself the last few days. None of the documentation or rare blogged solutions worked. I’m not going to claim this is the correct way but I ended up doing this:

before_script:
  - apt-get update -qq
  - apt-get install -qq git
  - 'which ssh-agent || ( apt-get -qq install openssh-client)'
  - eval $(ssh-agent -s)
  - chmod 600 "$SSH_KEY"
script:
  - ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no [email protected] "cd sites/target_dir && git pull"

Valeryvalerye answered 16/2, 2024 at 14:26 Comment(0)

Recommended topics

Hot tags