...
SSH Key credentials support a private key file upload and an optional passphrase input. If the uploaded private key is an OpenSSH key, you can download the corresponding public key. Public keys cannot be downloaded for PuTTY PPK files. These credentials can be configured for SSH Key authentication with Endpoints and also Git Source Control Instances. Additionally, they can be referenced in custom Groovy scripts and workflows (see the Referencing SSH Key Values As Properties section for more information).
...
Input Name | Description | Input Type | Required |
---|---|---|---|
SSH Key | SSH Key which will have its content stored in encrypted format. Before encrypting, FlexDeploy will convert all End of Line characters to Unix. This is to avoid any errors related to invalid format. | File | Yes |
Passphrase | Passphrase for accessing the SSH key (optional, also stored in an encrypted format). | Text | No |
...
During server startup, FlexDeploy will look at the system user’s `.ssh` directory on the server’s file system and automatically create SSH Key credentials for any private key in that directory. It will ignore `authorized_keys`, `known_hosts`, and any file with the `.pub` extension. These credentials have the naming format `Private key - <private key absolute path>`. If a credential already exists with that name, then FlexDeploy will check the name of the file that is associated with the credential. If the name of the file matches the absolute path on the file system, then it will be ignored. Otherwise, the SSH Key input value of the credential will be overwritten with the private key on the file system. If a credential does not exist with that name, then it will be created automatically. Auto-imported credentials will need to have their passphrases manually configured from the Credentials screen. In the server logs, you can track the credentials that were created via the `autoUploadPrivateKeyCredentials()` method every time the server starts.
...
Note that if the underlying file was modified on the file system after it was already uploaded, then it would not be updated within FlexDeploy unless the credential file was changed, causing the credential SSH Key file to be overwritten. However, this auto-import feature is primarily intended to assist in automatically creating credentials for SSH Keys after configuring FlexDeploy.
Info |
---|
It is recommended that any future SSH Key credentials should be uploaded from a user’s local machine. This minimizes the need for accessing the server’s internal file system, and simplifies the process of managing SSH Keys within FlexDeploy. |
Referencing SSH Key Values As Properties
...
Troubleshooting SSH Key Credentials
Invalid Format
If using an SSH Key credential produces an error that includes the message “invalid format” or sometimes “error in libcrypto”, then the key may not be formatted properly at the point where it is used. This error commonly occurs when trying to connect to a Git repository using a file that does not have Unix End of Line characters. When uploading an SSH Key, FlexDeploy will automatically convert all Windows and Mac EOL characters to Unix in the content before encrypting and storing it in the database. However, this error might still occur if custom workflow script or Groovy script logic uses a private key manually.
...
A correctly formatted private key file must have Unix EOL characters and must have an empty line at the end of the file. A private key generated using OpenSSH will have Unix EOL characters even if it is generated on a Windows machine. The screenshot below is an example of the proper EOL format. The actual key content itself does not matter, but notice the End of Line characters. You can enable the EOL symbols in Notepad++ by clicking View → Show Symbol → Show End of Line.
...
Copying the content of an existing private key to a new file may result in improper formatting. Here is an example of an invalid format which would cause the error shown above.
...
Similarly, the file may have Windows EOL characters, which will appear as `CR LF`. To convert to Unix EOL characters in Notepad++, you can use Edit → EOL Conversion → Unix to correct it.
...
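The format rules above (Unix EOL characters and a newline at the end of the file), as an added example that is not FlexDeploy code: a shell check and normalizer that a custom workflow script could run on a private key file before using it. The function names, the issue labels and the owner-only file mode are assumptions of this example.

```shell
#!/bin/sh
# Added example (not FlexDeploy code): verify and normalize a private key's
# line endings before a custom script passes the file to ssh or git.
# Function names and issue labels are hypothetical.

CR=$(printf '\r')

# Print the format problems found in key file $1 and return 1,
# or print nothing and return 0 when the format is as expected.
key_format_issues() {
    issues=""
    if [ ! -s "$1" ]; then
        echo "empty-or-missing"
        return 1
    fi
    # Any carriage return means Windows (CR LF) or old Mac (CR) line endings.
    if grep -q "$CR" "$1"; then
        issues="has-cr"
    fi
    # Command substitution strips a trailing LF, so a non-empty result
    # means the last byte of the file is not a newline.
    if [ -n "$(tail -c 1 "$1")" ]; then
        issues="${issues:+$issues }no-final-newline"
    fi
    [ -z "$issues" ] && return 0
    echo "$issues"
    return 1
}

# Write a normalized copy of key $1 to $2: CR LF and lone CR become LF and
# the file ends with a newline. The copy is owner-only (assumption of this
# example; ssh rejects private keys that other users can read).
normalize_key() {
    (
        umask 077
        sed "s/$CR\$//" "$1" | tr '\r' '\n' > "$2"
        if [ -n "$(tail -c 1 "$2")" ]; then
            printf '\n' >> "$2"
        fi
    )
    chmod 600 "$2"
}

# Usage: sh check_key.sh <key file> <normalized copy>
# The copy is written only when the check reports a problem.
if [ "$#" -eq 2 ]; then
    key_format_issues "$1" || normalize_key "$1" "$2"
fi
```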
Permission denied (publickey)
...