Paramiko No such file or directory: '-----BEGIN RSA PRIVATE KEY-----\n'

Question

I am coming across issues using the SSHHook class in a DAG.

The error is

  File "/usr/local/airflow/.local/lib/python3.7/site-packages/paramiko/pkey.py", line 307, in _read_private_key_file
    with open(filename, "r") as f:
FileNotFoundError: [Errno 2] No such file or directory: '-----BEGIN RSA PRIVATE KEY-----\n'

What I am doing is taking a PEM key from AWS Secrets Manager and writing it to a file-like object using StringIO.

secrets_manager_hook = SecretsManagerHook()
    sm_client = secrets_manager_hook.get_conn()
    secret = sm_client.get_secret_value(SecretId='<SECRET>')
    pem_key_value = secret["SecretString"]

    with StringIO(initial_value=pem_key_value) as pem_file:
        ssh_hook=SSHHook(ssh_conn_id=None, remote_host=<HOST>, username='ec2-user', key_file=pem_file)
        ssh_hook_conn=ssh_hook.get_conn()
        ssh_hook.exec_ssh_client_command(ssh_client=ssh_hook_conn, command='echo Hello', get_pty=False)

My PEM key that I uploaded as just a plain text secret looks like this

-----BEGIN RSA PRIVATE KEY-----
######
...
...
######
-----END RSA PRIVATE KEY-----

If I print the secret value retrieved from the Boto3 client it is a similar output.

I'm not sure of what the error is related to. Do I explicitly need new line characters \n at the end of every line? How can I implement that? StringIO seems like it already has newline='\n' as a default parameter.

Martin Prikryl · Answer 1 · 2022-06-27T05:18:10.683

0

The key_file takes file path. It does not accept a file-like object.

The only way to provide in-memory key is using private_key "extra option" in connection specified by ssh_conn_id.

edited Jun 27 '22 at 05:18

answered Jun 23 '22 at 14:51

Martin Prikryl

188,800
56
490
992

Paramiko No such file or directory: '-----BEGIN RSA PRIVATE KEY-----\n'

1 Answers1