mac ssh-keygen 生成的密钥不能被 CICD 识别的解决方案

评论

问题

在mac 系统上使用 ssh-keygen -t rsa 生成的密钥文件如下

1
2
3
   -----BEGIN OPENSSH PRIVATE KEY-----
  
-----END OPENSSH PRIVATE KEY-----

例如

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
➜  ~ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/fwj/.ssh/id_rsa):
Created directory '/Users/fwj/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/fwj/.ssh/id_rsa.
Your public key has been saved in /Users/fwj/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Rn6MY1IWZ1DKynXdC+9jbmYoEJI3TJOxZz+7LESXmIA [email protected]
The key's randomart image is:
+---[RSA 2048]----+
|       .+=+      |
|      E.=* . .   |
|       +Oo+oo..  |
|     .oB=*+.oo . |
|      +oS+o.o o  |
|       +.o.  +   |
|         o  ..+  |
|          o..++. |
|           oo+.  |
+----[SHA256]-----+
➜  ~ cat ~/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn
NhAAAAAwEAAQAAAQEAr3Zpx788t9nmRCGYrny67axIj3WNdJOYvBYdBS2w8I9Xt4GYNmP0
nvcWcEK5xjdjPDuH2QU+RJCNYpUciH1dbnDipEsrAbDGwN+ctbUoQ0FyeyrLrLqHcf5x87
IEMesbpzugiNXd4ff53HAMyvoIUKsS2qDiVocDqbFybWyQgGyVSChQSqjyqLxzHt6oeJh8
HU/tUuRgi7gCsAeAKuSrsG/d0hu/M9K4ij2QK6uSL3taD1ax0FHlJiHERqbl/wYsGFllfn
g3d6gtH0G0HG/7ALZ6NF1aCyWiQReXg4sfMTK4AsPkkDaxXwjJBFTpC9hjbakRdV2B9yuL
FO1pKt4DtwAAA9B2ZPEGdmTxBgAAAAdzc2gtcnNhAAABAQCvdmnHvzy32eZEIZiufLrtrE
iPdY10k5i8Fh0FLbDwj1e3gZg2Y/Se9xZwQrnGN2M8O4fZBT5EkI1ilRyIfV1ucOKkSysB
sMbA35y1tShDQXJ7Ksusuodx/nHzsgQx6xunO6CI1d3h9/nccAzK+ghQqxLaoOJWhwOpsX
JtbJCAbJVIKFBKqPKovHMe3qh4mHwdT+1S5GCLuAKwB4Aq5Kuwb93SG78z0riKPZArq5Iv
e1oPVrHQUeUmIcRGpuX/BiwYWWV+eDd3qC0fQbQcb/sAtno0XVoLJaJBF5eDix8xMrgCw+
SQNrFfCMkEVOkL2GNtqRF1XYH3K4sU7Wkq3gO3AAAAAwEAAQAAAQBHokxlZEnhtXAw+JZh
BkM6rU+iYheyNF/yygRnDNRkIeFp5drCueQw0iezBUrbBdnZyWQY0e8uBuXyDXZssuHmKO
gesyGHuygpriFIfgFGE/4tEre8eRq7C2pyV4cm6hmMGOfddZL0oky8FnLim1mxtWYpI+3D
7bMtIGjbC6ujAgRc40yh5hd0/Ozh2mBYkK1pJAIyZLCWTQ4iCyc/Wpfad6bDIloF28norV
M7U9fY/YDU5fWCcP+W+nj/hkx+iZz+lMMXGiX3XEGoEglAzMnzpIZjQTE3Rx/n6zIEuDM3
NBheh10E11NF359T9QYIZv8GP+r0yPBHdVobrP4ERc1BAAAAgQDR/fOrJhB9eVQqhxZ3jr
41lfkiTdCQqrtrQGfY7yeAERkF/1C8AvfQO6j+1oQI4cksPx++7+lcDeGHluwLlTjZEoXI
C0vUW9tDiy5Eq/PVtLRArCYpqoi+qrw+aakUW5FidNi+9lWw8wjy0guBzSVL3jWtttChrR
8ixgMq/29uRAAAAIEA3poCAEsRcii1oxBDrieLA6BXl9V22I5rD0YiUsTkCMCVn2qWfzRC
Zwa/p5QG8TFa62iKmVfNHBN/1k0ARrWhTsDOHGeRsKLDBGf3M0FRdMaPsf5h1zpKrcYQHC
GoS/dmuOJFi1QeKCQo55RTo6VWaMaTxfPqvAdZ7Z5T9vcb+xkAAACBAMnJ0sn1id090BDw
fhmOeBOzfmgHXrrS9M6HPMTkeR+nj9TmknsgTpukQoL5eYEkgBgiY2/+mVsx17OhP/BWna
oYHGVpcN51p1ci89flqad7MJk3GKtq7yuZ4of5f2VG0Nx3Qhz0aNRE/SWkUbMJE5ILQCXW
6QXYzUZ//A5qX59PAAAAGmZ3akBmd2pzLU1hY0Jvb2stUHJvLmxvY2Fs
-----END OPENSSH PRIVATE KEY-----


而通过Linux 生成的密钥是如下所示这样

1
2
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----

原因

BEGIN RSA PRIVATE KEY是PKCS#1,只是一个RSA密钥。它本质上只是来自PKCS#8的关键对象,但前面没有版本或算法标识符。 BEGIN PRIVATE KEY是PKCS#8,并指示密钥类型包含在密钥数据本身中。

解决办法

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
➜  ~ ssh-keygen -p -m PEM -f ~/.ssh/id_rsa
Key has comment '[email protected]'
Enter new passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved with the new passphrase.
➜  ~ cat ~/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAr3Zpx788t9nmRCGYrny67axIj3WNdJOYvBYdBS2w8I9Xt4GY
NmP0nvcWcEK5xjdjPDuH2QU+RJCNYpUciH1dbnDipEsrAbDGwN+ctbUoQ0FyeyrL
rLqHcf5x87IEMesbpzugiNXd4ff53HAMyvoIUKsS2qDiVocDqbFybWyQgGyVSChQ
SqjyqLxzHt6oeJh8HU/tUuRgi7gCsAeAKuSrsG/d0hu/M9K4ij2QK6uSL3taD1ax
0FHlJiHERqbl/wYsGFllfng3d6gtH0G0HG/7ALZ6NF1aCyWiQReXg4sfMTK4AsPk
kDaxXwjJBFTpC9hjbakRdV2B9yuLFO1pKt4DtwIDAQABAoIBAEeiTGVkSeG1cDD4
lmEGQzqtT6JiF7I0X/LKBGcM1GQh4Wnl2sK55DDSJ7MFStsF2dnJZBjR7y4G5fIN
dmyy4eYo6B6zIYe7KCmuIUh+AUYT/i0St7x5GrsLanJXhybqGYwY5911kvSiTLwW
cuKbWbG1Zikj7cPtsy0gaNsLq6MCBFzjTKHmF3T87OHaYFiQrWkkAjJksJZNDiIL
Jz9al9p3psMiWgXbyeitUztT19j9gNTl9YJw/5b6eP+GTH6JnP6UwxcaJfdcQagS
CUDMyfOkhmNBMTdHH+frMgS4Mzc0GF6HXQTXU0Xfn1P1Bghm/wY/6vTI8Ed1Whus
/gRFzUECgYEA3poCAEsRcii1oxBDrieLA6BXl9V22I5rD0YiUsTkCMCVn2qWfzRC
Zwa/p5QG8TFa62iKmVfNHBN/1k0ARrWhTsDOHGeRsKLDBGf3M0FRdMaPsf5h1zpK
rcYQHCGoS/dmuOJFi1QeKCQo55RTo6VWaMaTxfPqvAdZ7Z5T9vcb+xkCgYEAycnS
yfWJ3T3QEPB+GY54E7N+aAdeutL0zoc8xOR5H6eP1OaSeyBOm6RCgvl5gSSAGCJj
b/6ZWzHXs6E/8FadqhgcZWlw3nWnVyLz1+Wpp3swmTcYq2rvK5nih/l/ZUbQ3HdC
HPRo1ET9JaRRswkTkgtAJdbpBdjNRn/8Dmpfn08CgYEA1tnA6rWJ3iyqu/ubx4EF
LPfa84KmVfiIHtLrmAXPrx7qi1aecaJoIPajj0RRuwSPI73gYIcdQmcTsSzbAmSW
j+OKTGIufVVrc1pBf2ghDdwEn6DOoKTzpWwQ6oYV4VSmAfbrdsI25TmZfYNtgvq3
PyPDR4HY46kYxD9X/XuetykCgYBjbVKzuIyput9euWEo7o40BuluENOYcoG1keVb
jsgv1LyGRuY+TPjur80mBA7el0GWorskX+roiHKkS/vZTJR7T04OmhnHQ2mlAc/s
vXkO0SBtHjzFmfcnILgCD+m52V7ogsrMwZE1ppilh4XKFdrSx0BgZLiE7QKYjk+A
OuHK+QKBgQDR/fOrJhB9eVQqhxZ3jr41lfkiTdCQqrtrQGfY7yeAERkF/1C8AvfQ
O6j+1oQI4cksPx++7+lcDeGHluwLlTjZEoXIC0vUW9tDiy5Eq/PVtLRArCYpqoi+
qrw+aakUW5FidNi+9lWw8wjy0guBzSVL3jWtttChrR8ixgMq/29uRA==
-----END RSA PRIVATE KEY-----

阿文运维 & CSDN 专家作者

喜欢新事物,关注云计算行业,对新的技术有追求,喜欢写作和coding