I'm trying to expose an internally developed R package tracked in Github using SSH but we're encountering issues with the SSH key passphrase. These are the steps I have followed so far:
Created a user my_user_name in the rstudio-pm group
Generated a new SSH key id_ed25519 that I added to the Github account. This command ssh-add -K ~/.ssh/id_ed25519 failed because the server is based on ubuntu, so I used ssh-add ~/.ssh/id_ed25519 instead.
I ran rspm commands under su my_user_name
When I tried to import the SSH key, it says that the key is passphrase protected rspm import --name=id_ed25519 --path=/home/ubuntu/.ssh/id_ed25519 --passphrase-path=/home/ubuntu/.ssh/passphrase Error: Unable to import key: Could not import SSH key: ssh: this private key is passphrase protected
I'm not sure how to make it see the passphrase. In rstudio documentation it says "passphrase file should just be text file with passphrase for key" so I created a text file (that I'm going to delete) where I put the passphrase but still getting the same error.
Can you give that a shot and see if it solves the problem? Also, what version of RStudio Package Manager are you using?
Moreover, because you are a professional customer (or trialing a professional product), you have access to our professional support team. We really appreciate you asking here, so that others can find the solution, but we can ensure things are handled more directly if you reach out to support@rstudio.com . Thanks!
Thank you so much for getting back to me so quickly Cole.
I have tried changing the ownership for those two files as you recommended, replacing ubuntu:ubuntu by the user I'm using but still getting the same error. Should the SSH key file and the passephrase be owned by the same user who owns rstudio-pm files and directories? (We have the latest version of RSPM, 1.2.2). Thanks!
Just wanted to update here that we are taking a deeper look at this! We are concerned that our implementation does not handle keys generated by openssh properly, so we may have a bug on our hands!
Can one / all of y'all confirm whether or not your private key begins with -----BEGIN RSA PRIVATE KEY----- and has Proc-Type: 4,ENCRYPTED at the start of the key (if you cat the private key cat ~/.ssh/my-key - DO NOT SHARE THE ACTUAL KEY HERE )?
Or does your key start with something like -----BEGIN OPENSSH PRIVATE KEY----- and then just has a string of random characters?
To be clear - we would expect the former to work (RSA PRIVATE KEY), and the latter to fail (OPENSSH PRIVATE KEY).
Thanks for confirming @harryfisher ! Do you have another server with a different type of ssh installed? If you generate a key using a different ssh, that could be a workaround for now (hopefully it will work for you!). I used this to build one, if you're familiar with docker: