Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot decode encrypted private keys #15

Open
ninhdhx opened this issue Sep 1, 2018 · 2 comments
Open

Cannot decode encrypted private keys #15

ninhdhx opened this issue Sep 1, 2018 · 2 comments
Assignees
@coufalja
Labels
potential-bug Potential bug

Comments

@ninhdhx
Copy link

ninhdhx commented Sep 1, 2018

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,D7C72273BE168626E5B2D1BC72E56326
...
-----END RSA PRIVATE KEY----
@coufalja
Copy link
Contributor

coufalja commented Sep 5, 2018

Could you please elaborate on this a little bit more?

@coufalja coufalja self-assigned this Sep 5, 2018
@coufalja coufalja added the potential-bug Potential bug label Sep 5, 2018
@ninhdhx
Copy link
Author

ninhdhx commented Sep 7, 2018

K8s manifest

args:
          - 'watch'
          - 'configmap'
          - '--configmap=config'
          - '--namespace=config'
          - '--branch=master'
          - '[email protected]:path/to/private/repo.git'
          - '--interval=30'
          - '--ssh-key=/home/.ssh/id_rsa'

Error log:

Error: Couldn't parse SSH key: ssh: cannot decode encrypted private keys
Usage:
  git2kube watch configmap [flags]

Flags:
      --annotation strings   annotation to add to K8s ConfigMap (format NAME=VALUE)
  -m, --configmap string     name for the resulting ConfigMap
  -h, --help                 help for configmap
  -k, --kubeconfig           true if locally stored ~/.kube/config should be used, InCluster config will be used if false (options: true|false) (default: false)
      --label strings        label to add to K8s ConfigMap (format NAME=VALUE)
      --merge-type string    how to merge ConfigMap data whether to also delete missing values or just upsert new (options: delete|upsert) (default "delete")
  -n, --namespace string     target namespace for the resulting ConfigMap (default "default")

Global Flags:
  -b, --branch string             branch name to pull (default "master")
  -c, --cache-folder string       destination on filesystem where cache of repository will be stored (default "/tmp/git2kube/data/")
      --exclude strings           regex that if is a match excludes the file from the upload, example: '*.yaml' or 'folder/*' if you want to match a folder (default [^\..*])
  -g, --git string                git repository address, either http(s) or ssh protocol has to be specified
      --healthcheck-file string   path to file where each refresh writes if it was successful or not, useful for K8s liveness/readiness probe
      --include strings           regex that if is a match includes the file in the upload, example: '*.yaml' or 'folder/*' if you want to match a folder (default [.*])
  -i, --interval int              interval in seconds in which to try refreshing ConfigMap from git (default 10)
  -l, --log-level string          command log level (options: [panic fatal error warning info debug]) (default "info")
  -p, --ssh-key string            path to the SSH private key (git repository address should be 'git@<address>', example: [email protected]:WanderaOrg/git2kube.git)

time="2018-09-07T06:13:51Z" level=error msg="Command failed: Couldn't parse SSH key: ssh: cannot decode encrypted private keys"

I suppose if we have DER block with an RSA private key, we have to use x509.ParsePKCS1PrivateKey to parse the key

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@coufalja coufalja

Labels
potential-bug Potential bug
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ninhdhx @coufalja