Overview of the Issue
packer validate returns error ssh_private_key_file is invalid: Error loading certificate when using field ssh_private_key_file in source qemu block.
The key file exists. The keypair has been generated from command ssh-keygen -f rsa -t rsa with no passphrase.
Also, ed25519 keys have been tested, with the same packer results.
The private and public key pairs have been tested with commands:
PRIVKEY=rsa
TESTKEY=rsa.pub
diff <( ssh-keygen -y -e -f "$PRIVKEY" ) <( ssh-keygen -y -e -f "$TESTKEY" )
(Source: https://serverfault.com/questions/426394/how-to-check-if-an-rsa-public-private-key-pair-match)
Reproduction Steps
- Download attached archive, uncompress, cd in folder.
- Change èath values for
ssh_certificate_file and ssh_private_key_file to reference the ssh keypair file paths in the archive.
- Change fields values
iso_url and iso_checksum.
- Run
packer validate .
Packer Plugin SDK version
- packer version: v1.11.2
- packer qemu plugin: github.com/hashicorp/qemu 1.1.0
Operating system and Environment details
Ubuntu Linux 24.04. Packer installed manually via binary download.
Log Fragments and crash.log files
Running packer with PACKER_LOG=1 does not add useful information about the key error.
In this repository (https://github.com/hashicorp/packer-plugin-sdk) I found that the string Error loading certificate is only present in file communicator/ssh/ssh.go and is returned after the function ssh.ParseAuthorizedKey, which does not seem to handle private keys but authorized_keys files.
Attachment: packer.zip
Thank you for your support.
Overview of the Issue
packer validatereturns errorssh_private_key_file is invalid: Error loading certificatewhen using fieldssh_private_key_filein source qemu block.The key file exists. The keypair has been generated from command
ssh-keygen -f rsa -t rsawith no passphrase.Also,
ed25519keys have been tested, with the same packer results.The private and public key pairs have been tested with commands:
(Source: https://serverfault.com/questions/426394/how-to-check-if-an-rsa-public-private-key-pair-match)
Reproduction Steps
ssh_certificate_fileandssh_private_key_fileto reference the ssh keypair file paths in the archive.iso_urlandiso_checksum.packer validate .Packer Plugin SDK version
Operating system and Environment details
Ubuntu Linux 24.04. Packer installed manually via binary download.
Log Fragments and crash.log files
Running packer with
PACKER_LOG=1does not add useful information about the key error.In this repository (https://github.com/hashicorp/packer-plugin-sdk) I found that the string
Error loading certificateis only present in file communicator/ssh/ssh.go and is returned after the function ssh.ParseAuthorizedKey, which does not seem to handle private keys but authorized_keys files.Attachment: packer.zip
Thank you for your support.