SSH key in dockerfile invalid format

Question

i have this dockerfile:

FROM openjdk:11

COPY . .

RUN apt-get update -y
RUN apt-get install -y python

RUN mkdir -p /root/.ssh && \
    chmod 0700 /root/.ssh && \
    ssh-keyscan gitlab.com > /root/.ssh/known_hosts

ARG SSH_KEY=autofilled

RUN echo $SSH_KEY | python -c "key = raw_input();print \"-----BEGIN OPENSSH PRIVATE KEY-----\" + \"\\n\" + \"\\n\".join(key[i:i+64] for i in range(0, len(key), 64)) + \"\\n\" + \"-----END OPENSSH PRIVATE KEY-----\"" > /root/.ssh/id_rsa

RUN chmod 600 /root/.ssh/id_rsa
RUN git submodule init
RUN git submodule update
RUN chmod -R +x ./sbt-dist
RUN chmod +x ./sbt
RUN ./sbt dist
WORKDIR ./target/universal
RUN unzip ./dist.zip
WORKDIR ./dist/bin
RUN chmod +x ./smart-flats
EXPOSE 5000
CMD ["./smart-flats", "-Dhttp.port=5000", "-J-Xmx1536m"]

but when i try to build it with latest docker version, i get this error:

Step 10/19 : RUN git submodule update
 ---> Running in dac2651ed54a
Cloning into '//tyrion-core'...
Warning: Permanently added the ECDSA host key for IP address '172.65.251.78' to the list of known hosts.
Load key "/root/.ssh/id_rsa": invalid format
git@gitlab.com: Permission denied (publickey,keyboard-interactive).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
fatal: clone of 'git@gitlab.com:byzance/tyrion-core.git' into submodule path '//tyrion-core' failed
Failed to clone 'tyrion-core'. Retry scheduled

Can anyone tell me, how should i repair this dockerfile? Thnanks!!

You shouldn't persist `ssh` keys in a `docker image`, use the [`ssh-agent`](https://stackoverflow.com/a/64036342/1423507) for authentication during a `docker build`. — masseyb, Dec 07 '21 at 18:28
(Anyone who gets the image can `docker run --rm your-image cat /root/.ssh/id_rsa` and get the private key back out.) — David Maze, Dec 07 '21 at 19:31

score 0 · Answer 1 · edited Dec 07 '21 at 14:46

0

Looks like you created your key in MacOS.

Linux-based systems mostly using RSA type, but MacOS's ssh-keygen generating OpenSSH ssh key by default, not RSA.

RSA key should start from -----BEGIN RSA PRIVATE KEY-----
But OpenSSH's first line is -----BEGIN OPENSSH PRIVATE KEY-----

Just create new RSA key or convert your OpenSSH key to RSA

edited Dec 07 '21 at 14:46

Dharman

30,962
25
85
135

answered Dec 07 '21 at 14:41

rzlvmp

7,512
5
16
45

oh, thanks. is there any way to convert key right in dockerfile? – Sizor Dec 07 '21 at 14:58
Just change openssh header and footer lines with rsa ones. And pass correct RSA key through `SSH_KEY` variable – rzlvmp Dec 07 '21 at 15:06

score 0 · Answer 2 · edited Dec 07 '21 at 16:44

0

The number of characters per line might not be correct.

I tested with this line and it generated the correct key :

echo $SSH_KEY | python -c "key = raw_input();print \"-----BEGIN OPENSSH PRIVATE KEY-----\n\" + \"\\n\".join(key[i:i+70] for i in range(0, len(key), 71)) + \"\n-----END OPENSSH PRIVATE KEY-----\""  > /root/.ssh/id_rsa

edited Dec 07 '21 at 16:44

ouflak

2,458
10
44
49

answered Dec 07 '21 at 15:11

Christof

1
2

not worked for me, still same error – Sizor Dec 07 '21 at 15:28

SSH key in dockerfile invalid format

2 Answers2