Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-65533

New OpenSSH format and ed25519 keys not supported

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • ssh-steps-plugin
    • None
    • - Jenkins 2.277.3
      - SSH Pipeline Steps 2.0.0

      Using an ed25519 key, or one generated with OpenSSH 7.8+ fails:

      invalid privatekey: [B@39b54f70

       

      According to this discussion, it comes from JSch not supporting OpenSSH 7.8 and newer keys – incl. ed25519.

      Minimal example:

      def remote = [:]
remote.name = "example-host-name"
remote.host = remote.name
remote.allowAnyHosts = true

withCredentials([sshUserPrivateKey(credentialsId: 'example-key',
            keyFileVariable: 'identity',
            passphraseVariable: 'identityPass',
            usernameVariable: 'userName')]) {
    remote.user = userName
    remote.identityFile = identity
    remote.passphrase = identityPass
    sshCommand(remote: remote, command: "ls -l")
}

       

      Exception:

      com.jcraft.jsch.JSchException: invalid privatekey: [B@39b54f70
	at com.jcraft.jsch.KeyPair.load(KeyPair.java:664)
	at com.jcraft.jsch.KeyPair.load(KeyPair.java:561)
	at com.jcraft.jsch.IdentityFile.newInstance(IdentityFile.java:40)
	at com.jcraft.jsch.JSch.addIdentity(JSch.java:406)
	at com.jcraft.jsch.JSch.addIdentity(JSch.java:387)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[...]

       

      Workaround

      Use RSA key of the old format instead (generate with -m pem).

        1. stacktrace.log
          7 kB

            nrayapati Naresh Rayapati
            ethorsa ethorsa
            Votes:
            11 Vote for this issue
            Watchers:
            13 Start watching this issue

              Created:
              Updated: