5

I´m kind of stuck with an SSH private key issue and LibGit2Sharp-Ssh.

I have a .Net/C# application that uses LibGit2Sharp-Ssh to clone a Git repository.

I need to use SSH (https with user/password is not an option) and I also have a valid key, which is already working e.g. with Teamcity.

My code looks like this:

CloneOptions options = new CloneOptions
{
     Checkout = false,
     CredentialsProvider = (url, user, cred) => new SshUserKeyCredentials()
     {
          PrivateKey = privateKey,
          Passphrase = passphrase,
          PublicKey = publicKey,
          Username = "git"
     }
};
var clone = LibGit2Sharp.Repository.Clone(remoteUrl, localPath, options);

privateKey points to a private key file in "OpenSSH" format.

When Clone is executed i get:

LibGit2Sharp.LibGit2SharpException: "Failed to authenticate SSH session: Invalid key data, not base64 encoded"

I've tried all of the private key formats I could create with PuttyGen, but I always get the same result.

What might be the issue or in what format do I need to create the private key file?

My OpenSSH-format key looks like (truncated):

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,27A4E70608469318

<Key-Data, like "sdhsdcQEHBg3uzfb...">
-----END RSA PRIVATE KEY-----
Kenny Evitt
  • 9,291
  • 5
  • 65
  • 93
emvoll
  • 99
  • 7

3 Answers3

4

privateKey point to a private key file in "OpenSSH" format.

privateKey needs to point to a key, not a path to a key. You need to read the key file and place the contents into a string that you can pass to privateKey.

Edward Thomson
  • 74,857
  • 14
  • 158
  • 187
  • I just tried that, but not sure what the content of that string should be. PuttyGen offers different key formats. I used both "OpenSSH" as well as "OpenSSH (new format)". I took the files "as is", I truncated the content so "see" only the Base64 content... Allways same result saying "Invalid key data, not base64 encoded"... – emvoll Nov 26 '17 at 19:08
  • I don't think this is true, the docs say: "Private key file location for SSH authentication". Besides if you put in an actual key you get the error `Failed to authenticate SSH session: Unable to open public key file ` – Roger Far Sep 12 '18 at 15:28
1

Instead of creating your private key with PuttyGen (ppk keys), Use PuttyGen to load said ppk file, and save it as OpenSSH file (id_rsa, id_rsa.pub)

Or, as I described here, use Git for Windows PATH to access ssh-keygen, and create one directly with the right format:

ssh-keygen -t rsa -C "key for my Git repo server" -q -P ""
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Maybe my first post was a bit misleading: that´s what i did. I used PuttyGen to convert the ppk into different formats, including OpenSSH-export – emvoll Nov 24 '17 at 06:55
  • @emvoll Then you need to use that openssh private key (open it to check it is indeed in base 64 encoded (PEM format, as in http://blog.oddbit.com/2011/05/08/converting-openssh-public-keys/) – VonC Nov 24 '17 at 07:02
  • It pretty much does. Only difference is that there seems to be some header on top of the key data. I´ll post the "frame" without the key-data below (formatting seems not to be working here...) – emvoll Nov 24 '17 at 07:12
  • Note: I see that error message in implementations like https://github.com/uchida/pandora_agent_win32/blob/76e06b6358581859e4e8b88d80ddbe67b6e02b9a/ssh/libssh2/userauth.c#L303-L304, using https://github.com/uchida/pandora_agent_win32/blob/76e06b6358581859e4e8b88d80ddbe67b6e02b9a/ssh/libssh2/misc.c#L105-L169 – VonC Nov 27 '17 at 07:24
-1

That´s how my OpenSSH-Key looks like (key data truncated):

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,27A4E70608469318

<Key-Data, like "sdhsdcQEHBg3uzfb...">
-----END RSA PRIVATE KEY-----

Is there some way i can verify tha exported key?

emvoll
  • 99
  • 7