10

This is a piece of my YAML file about SSH for GitLab CI:

eval $(ssh-agent -s)
echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
mkdir -p ~/.ssh
chmod 700 ~/.ssh
'[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'

When I attempted to set the SSH_PRIVATE_KEY variable to the protected state, this error occurs:

Error loading key "(stdin)": invalid format

and I don't know why it's okay when I set the SSH_PRIVATE_KEY variable to the unprotected state.

6 Answers

15

For me it also failed because the SSH_PRIVATE_KEY was marked as "Protected" but the tag I was using was not.

So either make the branch or tag you are using also protected or remove the "Protected" setting from the SSH_PRIVATE_KEY variable.

See: https://gitlab.com/help/ci/variables/README#create-a-custom-variable-in-the-ui

Protect variable (Optional): If selected, the variable will only be available in pipelines that run on protected branches or tags.


1 Comment

This helped so much! I was using a protected branch, but as soon as I ran it on a tag, things stopped working. Apparently my tags weren't protected.
9

This is because you set SSH_PRIVATE_KEY in a malformed state. My suggestion is to use a base64-encoded value in the variable:

cat ~/.ssh/id_ras | base64 -w0

Add this value to your GitLab CI variable, then in your .gitlab-ci.yml:

ssh-add <(echo "$SSH_PRIVATE_KEY" | base64 -d)

1 Comment

What is ~/.ssh/id_ras? cat ~/.ssh/id_ras | base64 -w0
1

Settings > CI/CD > Variables

  1. Make sure that your SSH_PRIVATE_KEY is of the file type.
  2. Check if you are using TAGS, if not... check if the file is marked as Protected, uncheck.
  3. If you copy-paste from cat, make sure that there is a blank line after your last line. Just press enter after:

-----END ... PRIVATE KEY-----


1

I had the same issue, and the problem was that I saved the key on GitLab CI as a file. Changed it to variable, problem solved.


0

This issue could also happen because you have created 4096-bit keys. For some reason this fails in the pipeline.

Make sure to create 2048 ones or use file as variable type.


0

The solutions here did not work for me, also see related question:

How to add ssh private key from Gitlab CI variable with ssh-add?

=> I use a shell executor, and instead of copying the private key from a CI variable, I manually configured an ssh connection between the gitlab-runner host and the target server (needs to be done for the user "gitlab-runner").

Also see:
https://docs.gitlab.com/ee/ci/ssh_keys/#ssh-keys-when-using-the-shell-executor
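
An added example, not part of any answer above: a pre-flight check that separates the causes reported in this thread (variable empty because it is Protected and the ref is not, File-type variable holding a path, carriage returns, missing final newline) before the key reaches ssh-add. The function name `normalize_ssh_key` and the sample key are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the thread); normalize_ssh_key is a hypothetical helper.
# Prints a cleaned key on stdout; on failure prints a diagnosis on stderr and
# returns 2 (value empty) or 3 (no PEM BEGIN/END armor).
normalize_ssh_key() {
  local value="$1" key
  # A Protected variable is only available on protected branches or tags,
  # so on any other ref the job sees an empty string.
  if [ -z "$value" ]; then
    echo "SSH_PRIVATE_KEY is empty: is it Protected while this ref is not?" >&2
    return 2
  fi
  # A File-type variable holds the path of a temp file, not the key itself.
  if [ -f "$value" ]; then
    key=$(cat "$value")
  else
    key="$value"
  fi
  # Drop carriage returns left by copy-paste ($(...) also trims final newlines).
  key=$(printf '%s' "$key" | tr -d '\r')
  case "$key" in
    "-----BEGIN "*"PRIVATE KEY-----"*"-----END "*"PRIVATE KEY-----") ;;
    *)
      echo "SSH_PRIVATE_KEY has no BEGIN/END PRIVATE KEY armor (wrong type or truncated?)" >&2
      return 3
      ;;
  esac
  # Emit exactly one newline after the END line.
  printf '%s\n' "$key"
}

# Constructed sample, not a real key: CRLF line endings, no final newline.
SAMPLE_KEY=$(printf '%s\r\n%s\r\n%s' \
  '-----BEGIN OPENSSH PRIVATE KEY-----' \
  'Q09OU1RSVUNURUQ=' \
  '-----END OPENSSH PRIVATE KEY-----')
normalize_ssh_key "$SAMPLE_KEY" >/dev/null && echo "sample key normalized"

# In the CI job, assuming ssh-agent is already running:
#   key=$(normalize_ssh_key "$SSH_PRIVATE_KEY") && printf '%s\n' "$key" | ssh-add -
```

Capturing the result before piping it keeps the function's exit status, so the job fails with the diagnosis instead of the generic "invalid format" from ssh-add.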
