Thursday, August 25, 2022

id_rsa.pub: invalid format, error in libcrypto

After I upgraded my Linux and got Python 3.10 by default, it turned out that Ansible 2.9 will no longer run and is unsupported together with Ansible linter. I do not use Python and wanted to avoid yet another set of virtual environments on top of Java, Ruby, Node and Go ones, already on my machine. 

So i decided to dockerize the setup and in the process also get it as close as possible to our production environment. I built a Docker image with Ubuntu and Ansible 2.9.17 and started exposing my host machine SSH keys and settings.

My laptop could SSH to all the VMs I was managing with Ansible. However from Docker image I was getting two types of errors:

  • with Ubuntu 18.04: Load key "/home/hsiliev/.ssh/id_rsa.pub": invalid format
  • with Ubuntu 22.04: Load key "/home/hsiliev/.ssh/id_rsa.pub": error in libcrypto

Having similar issues with different OpenSSH and OpenSSL versions led me to think that the problem is a bit different.

And indeed. It was all before my eyes all of the time. Turned out that I was using my public key to authenticate.

The messages above hinted the problematic file, but were not foolproof enough. I would have expected something like: 

Public key should stay on the servers you want to login to and be public. Private key should stay with your machine and be private. Get this public key out of any configurations and .ssh directories now!

So the moral of the story is: if you see the above errors - check if you use public key for the wrong purpose and if so fix this.

No comments:

id_rsa.pub: invalid format, error in libcrypto

After I upgraded my Linux and got Python 3.10 by default, it turned out that Ansible 2.9 will no longer run and is unsupported together with...