Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-65533

New OpenSSH format and ed25519 keys not supported

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • ssh-steps-plugin
    • None
    • - Jenkins 2.277.3
      - SSH Pipeline Steps 2.0.0

      Using an ed25519 key, or one generated with OpenSSH 7.8+ fails:

      invalid privatekey: [B@39b54f70
      

       

      According to this discussion, it comes from JSch not supporting OpenSSH 7.8 and newer keys – incl. ed25519.

      Minimal example:

      def remote = [:]
      remote.name = "example-host-name"
      remote.host = remote.name
      remote.allowAnyHosts = true
      
      withCredentials([sshUserPrivateKey(credentialsId: 'example-key',
                  keyFileVariable: 'identity',
                  passphraseVariable: 'identityPass',
                  usernameVariable: 'userName')]) {
          remote.user = userName
          remote.identityFile = identity
          remote.passphrase = identityPass
          sshCommand(remote: remote, command: "ls -l")
      }
      

       

      Exception:

      com.jcraft.jsch.JSchException: invalid privatekey: [B@39b54f70
      	at com.jcraft.jsch.KeyPair.load(KeyPair.java:664)
      	at com.jcraft.jsch.KeyPair.load(KeyPair.java:561)
      	at com.jcraft.jsch.IdentityFile.newInstance(IdentityFile.java:40)
      	at com.jcraft.jsch.JSch.addIdentity(JSch.java:406)
      	at com.jcraft.jsch.JSch.addIdentity(JSch.java:387)
      	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      [...]

       

      Workaround

      Use RSA key of the old format instead (generate with -m pem).

            nrayapati Naresh Rayapati
            ethorsa ethorsa
            Votes:
            11 Vote for this issue
            Watchers:
            15 Start watching this issue

              Created:
              Updated: