New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Invalid private key - secrets #3923
Comments
I tried to recreate this but wasn't able to. What do you mean by preexisting, like one you've generated elsewhere? If you navigate to Here's a dummy private and public key pair. It works with those privateGenerated with
publicGenerated with
|
Oh. I was trying to use my existing SSH private and public keys, and while it is an RSA key, I guess it is not in the PEM format which is required. After using your generation commands to create a new private and public key in PEM format, and loading them into Netbox, I now get "session key received!" and am able to create and unlock secrets. Can I suggest that the Secrets documentation page at https://netbox.readthedocs.io/en/stable/core-functionality/secrets/ be modified to add a note that SSH keys can't be used, or if they can, how to convert them into the correct format? I think I got lead down the wrong path when I read the line "you can either generate a new RSA key pair, or upload the public key belonging to a pair you already have.", and I presumed this meant I could use my existing SSH key pair. Thanks for the quick reply, which resolved my issue. |
I'm going to treat this as a bug, since we should be validating the key format on input. (But the docs also need to be improved.) @squigley Would you mind generating a new key pair in the same format as the one you tried and posting it here to assist with testing? I'm pretty sure I know what's going on but it would help to be sure. |
Sure, the keypair I was trying to use was one which was generated by "ssh-keygen", with no parameters. eg: $ ssh-keygen -----BEGIN OPENSSH PRIVATE KEY----- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDzWu/eCYGNvKE1jfeoPIzW+lVnWxRIvlAanFvbdfbX563sR2SflIYUI555ZcADYUlF00c6OTraqe734AGDMe2o74mn2ByHwRYGnJMRpBzED3VxHRqKjsCODM440qXwLWnwmkxQLo71GH66UmfyX68CX2wI684QRXpelkikAZzHum2IcRIhBs2E1wtxTUkBUkHxcxux2EkZROm+Qog00pjS31bnsaW5NitJOJImHCV7e7sirAXScx8MO7monJj5T03g6d0gucEPDS/6lBgFhpZ9PA46dLkeq9LoDJdvZGksIkwkBK7eaCXdFTapGVbiFO8cewKkhr/wW3+2Idnl/9L+/DQWl1H85gVCc+f0Q9YwqqXSIo8B5aU30hOHcVqit1K8Sr5XXUGH5pI5+r3OzZcemOEZZVy64Mtawii7KMfa4/Ywg07xsV34f+/VexBh9s264VH83jYaM6+LUv1D16ijVQpJZLsfSDHxnCCQntjPIm5ezWPW2+8c4wz8NcKDDDs= squigley@9K771Z2L |
Environment
Steps to Reproduce
Expected Behaviour
System would accept my private key matching the public key in the profile, give me a session key, and allow me to save the secret.
Observed Behaviour
Just keeps prompting for the private key.
Using the dev tools I see that in response to submitting the private key, I am getting a 400 error, with the text "Invalid Private Key."
It doesn't matter what format I try submitting the private key, eg including the BEGIN/END lines etc, and with the encoded body as one long line, or split after x number of characters, every attempt is invalid.
I was having this issue with 2.6.7, so I upgraded to 2.6.12, deleted the public key from the profile, readded it, but there was no change. I have tried using both Firefox and Chrome, and both fail.
The text was updated successfully, but these errors were encountered: