I have my application deployed in OpenShift. For file transfer we're using SFTP and have configured the SFTP private key via a secret, but on making the API call via Swagger I'm getting the response "invalid private key". Any help on how I can include this private key, which is of multiple lines, in the secret YAML file?

Below is the error I'm getting:

------stack trace-------

java.lang.IllegalStateException: failed to create SFTP Session
    at org.springframework.integration.sftp.session.DefaultSftpSessionFactory.getSession(DefaultSftpSessionFactory.java:404)
Caused by: com.jcraft.jsch.JSchException: invalid privatekey: [B@50ae9b59
    at com.jcraft.jsch.KeyPair.load(KeyPair.java:747)
2022-10-19 13:33:43,123 - [threadPoolTaskExecutor-2] ERROR - transactionId:  - Encountered an error executing step Download 0145A files in job Download Job
 java.util.concurrent.CompletionException: org.springframework.messaging.MessagingException: Failed to execute on session; nested exception is java.lang.IllegalStateException: failed to create SFTP Session
    at java.base/java.util.concurrent.CompletableFuture.encodeThrowable(Unknown Source)
Caused by: org.springframework.messaging.MessagingException: Failed to execute on session; nested exception is java.lang.IllegalStateException: failed to create SFTP Session
    at org.springframework.integration.file.remote.RemoteFileTemplate.execute(RemoteFileTemplate.java:461)
Caused by: java.lang.IllegalStateException: failed to create SFTP Session
    at org.springframework.integration.sftp.session.DefaultSftpSessionFactory.getSession(DefaultSftpSessionFactory.java:404)
Caused by: com.jcraft.jsch.JSchException: invalid privatekey: [B@7204aa68

Below is the secret file that I used:

secret-test.yaml
apiVersion: xx
kind: Secret
metadata:
  name: xxxxx
  namespace: xxxxxxxx
type: Opaque
stringData:
  key_name: >
    PuTTY-User-Key-File-2: ssh-rsa\r\
    Encryption: none\r\
    Comment: rsa-key-20210504\r\
    Public-Lines: 12\r\
    AAAAB3NzaC1yc2EAAAABJQAAAgEAhi7HxCYBA3gvK0UbFenUlQTGUsDfvCXbEg/Y\r\
    As3jvPl6hIjHp2xAOyOQ5P6A8zx9prjk06Q5q44lKzZXgGzJS8ZxpsMWsPA/+x1M\r\
    .
    .
    .
    4s5A+20CflMMEwK/G6Kny7ZduVRDmULzbUjaTPyw8rHYI9Do/YIIskDlwbdy3alg\r\
    3/PYjrPEUq62yXZEvt7XOcSesrrVLLDMsOK3LJvQqZCrVFnRgTSoxDhGFNwb8De8\r\
    jbdW1j/G+vPegA7yjI7r2QZx7gI23CX0XZkXud3LzhZn02RmdboxErrRMKrp/cgX\r\
    zdWd2DM=\r\
    Private-Lines: 28\r\
    AAACACCjmGAk631ibFaiG1hbeOX6PhQhE9PR21droz7zz5yrYv2kuvFfhT7RTMIU\r\
    .....
    EwlRTPzhe070NNze7yNMp4zsTAG2I98PEXZYbl7oyUXkzJE/AmQqwgOomoWx8IEL\r\
    U6E=\r\
    Private-MAC: 87d58cb0e3e60ef943ee9396fe9\r

Things I tried:

  • included |-, >-, only |, only >
  • tried enclosing in double quotes with backslash as escape character

Something like below:

         "PuTTY-User-Key-File-2: ssh-rsa\
         Encryption: none\
         Comment: rsa-key-20210504..."
Still got the same error as above.
Harsh Manvar
Sushmitha
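
An added example (not part of the original post, and not code from Spring Integration or JSch): it models the text that the `>` and `|` block-scalar styles from the question's `stringData` hand to the application and checks that text against the PuTTY key layout. The helper names, the simplified block-scalar model (equally indented, non-empty lines only) and the placeholder key lines are assumptions made for illustration.

```python
import re

B64_LINE = re.compile(r"[A-Za-z0-9+/]+={0,2}")

def block_scalar(lines, style):
    """Simplified model (assumption) of a YAML block scalar whose lines are all
    non-empty and equally indented: '|' keeps line breaks, '>' folds them into
    single spaces. Block scalars never interpret backslash escapes."""
    return ("\n" if style == "|" else " ").join(lines) + "\n"

def ppk_problems(value):
    """Return the reasons a PuTTY-format key string is structurally broken."""
    problems = []
    if "\\" in value:
        problems.append("literal backslash in key text")
    lines = value.replace("\r\n", "\n").rstrip("\n").split("\n")
    if len(lines) == 1:
        problems.append("key is a single line")
    if not lines[0].startswith("PuTTY-User-Key-File-"):
        problems.append("missing PuTTY-User-Key-File header")
    for field in ("Public-Lines", "Private-Lines"):
        hits = [i for i, line in enumerate(lines) if line.startswith(field + ": ")]
        if not hits:
            problems.append(f"{field} is not at the start of a line")
            continue
        count = lines[hits[0]].split(": ", 1)[1]
        n = int(count) if count.isdecimal() else -1
        body = lines[hits[0] + 1 : hits[0] + 1 + max(n, 0)]
        if n < 0 or len(body) != n or not all(B64_LINE.fullmatch(b) for b in body):
            problems.append(f"{field} count does not match the base64 lines after it")
    return problems

# Constructed sample: placeholder base64 and MAC, not a real key.
GOOD = ["PuTTY-User-Key-File-2: ssh-rsa", "Encryption: none",
        "Comment: constructed-sample", "Public-Lines: 2",
        "Q09OU1RSVUNURUQ=", "Q09OU1RSVUNURUQ=",
        "Private-Lines: 1", "Q09OU1RSVUNURUQ=", "Private-MAC: 00"]
# Same lines with the literal \r\ suffix used in the question's YAML.
AS_POSTED = [line + "\\r\\" for line in GOOD]

if __name__ == "__main__":
    for label, lines, style in (("'>' with \\r\\ suffixes", AS_POSTED, ">"),
                                ("'|' with \\r\\ suffixes", AS_POSTED, "|"),
                                ("'|' with plain lines", GOOD, "|")):
        print(label, "->", ppk_problems(block_scalar(lines, style)) or "ok")
```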

2 Answers

I tried with type as kubernetes.io/ssh-auth instead of Opaque and it worked! Thanks for the suggestions provided.

Sushmitha

Did you try the command:

kubectl create secret generic ssh-keys --from-file=id_rsa=/path/to/.ssh/id_rsa

Ref official doc: https://kubernetes.io/docs/concepts/configuration/secret/#use-case-pod-with-ssh-keys

Harsh Manvar
  • Hey @Harsh, thanks for the suggestion, but my team lead has mentioned to make it automated as much as possible, like not mentioning the paths. If there is any workaround for this multiline string representation, it would be very helpful. – Sushmitha Oct 20 '22 at 11:49
  • Can't you write the string into a file and create the secret out of it? Or looking forward to managing everything with Java code? – Harsh Manvar Oct 20 '22 at 11:54
  • I had also suggested the file part like you had mentioned, but in case of different environments the path should be taken care of, so we're trying to mention it in the YAML itself. – Sushmitha Oct 20 '22 at 12:18