You are not logged in.
- Topics: Active | Unanswered
#1 2020-06-01 13:52:57
- replabrobin
- Member
- Registered: 2010-05-06
- Posts: 234
[SOLVED] openssh load pubkey "mykeyfilepath": invalid format
After upgrade today to openssh 8.3p1-1 I am getting warnings for private keys that used to work fine and also work fine with older ssh versions eg OpenSSH_7.6p1.
The warning has the form
load pubkey "mykeyfilepath": invalid format
I assume this has to do with the update requiring some preferred formatting of the PEM files that I have always used. Is there a way to fix this? Although the warning doesn't prevent the ssh command from working the stderr output causes warning emails etc etc.
Last edited by replabrobin (2020-06-01 17:57:30)
Offline
#2 2020-06-01 14:34:58
- replabrobin
- Member
- Registered: 2010-05-06
- Posts: 234
Re: [SOLVED] openssh load pubkey "mykeyfilepath": invalid format
As a quick check I downgraded openssh to https://archive.archlinux.org/packages/ … kg.tar.zst and then the warning messages go away so they are caused by the upgrade to 8.3p1-1.
Offline
#3 2020-06-01 16:59:12
- qinohe
- Member
- From: Netherlands
- Registered: 2012-06-20
- Posts: 1,494
Re: [SOLVED] openssh load pubkey "mykeyfilepath": invalid format
Did you try to recreate the key into PEM format? (see) man ssh-keygen
ssh-keygen -f id_rsa.pub -m PEM -e > key.pemedit: what happens if you recreate id_rsa and the pem.key?
Last edited by qinohe (2020-06-01 17:03:31)
Offline
#4 2020-06-01 17:29:38
- jasonwryan
- Anarchist
- From: .nz
- Registered: 2009-05-09
- Posts: 30,424
- Website
Re: [SOLVED] openssh load pubkey "mykeyfilepath": invalid format
Offline
#5 2020-06-01 17:42:19
- replabrobin
- Member
- Registered: 2010-05-06
- Posts: 234
Re: [SOLVED] openssh load pubkey "mykeyfilepath": invalid format
Did you try to recreate the key into PEM format? (see) man ssh-keygen
ssh-keygen -f id_rsa.pub -m PEM -e > key.pemedit: what happens if you recreate id_rsa and the pem.key?
the above seems related to creating a public key; that's not what I need. The warning refers directly to the private key.
Offline
#6 2020-06-01 17:56:26
- replabrobin
- Member
- Registered: 2010-05-06
- Posts: 234
Re: [SOLVED] openssh load pubkey "mykeyfilepath": invalid format
duh, I looked at the changes and saw the stuff about rsa. I tried the alleged test
ssh -i id_rsa -oHostKeyAlgorithms=-ssh-rsa user@hostbut although I got the warning it still connected so I thought that wasn't the problem. If I use a different key type eg ed25519 then I see no warning.
The warning seems to be the problem. Obviously there's no format error in the rsa key file; it seems to be the key type that is deprecated. Thanks for pointing at the solution. It seems we need to change the private key type.
Offline
#7 2020-06-09 12:14:25
- mdavis95
- Member
- Registered: 2017-12-21
- Posts: 5
Re: [SOLVED] openssh load pubkey "mykeyfilepath": invalid format
for me it not now complains (but still works):
load pubkey "/home/user/.ssh/id_rsa": invalid format.
adding /home/user/.ssh/id_rsa.pub makes the warning go away
Offline
#8 2020-06-15 02:58:10
- eduardo_amarall
- Member
- Registered: 2018-01-23
- Posts: 7
Re: [SOLVED] openssh load pubkey "mykeyfilepath": invalid format
I'm having the same problem, but I'm using .pem keys. All my keys worked fine, now they sill work but keeps giving me the error " load pubkey "key.pem": invalid format "
Last edited by eduardo_amarall (2020-06-15 02:58:33)
Offline
#9 2020-06-17 17:09:57
- Albert Camus
- Member
- From: Chicago
- Registered: 2014-06-18
- Posts: 6
Re: [SOLVED] openssh load pubkey "mykeyfilepath": invalid format
Having the exact same problem as well. I'm specifying IdentityFile entries for hosts defined in my ~/.ssh/config. Specifically using SSH keys in .pem format downloaded from AWS that I have been using for years. There's no corresponding .pub key file on my machine since AWS automatically deployed the public key to each server you deploy.
In general this sounds like openssh makes a faulty assumption in that there's going to be a corresponding .pub file next to each private key.
Last edited by Albert Camus (2020-06-17 17:19:28)
Offline
#10 2020-07-10 15:24:55
- HQJaTu
- Member
- Registered: 2018-10-14
- Posts: 4
Re: [SOLVED] openssh load pubkey "mykeyfilepath": invalid format
Having the exact same problem as well.
In general this sounds like openssh makes a faulty assumption in that there's going to be a corresponding .pub file next to each private key.
Yeah, having the same problem since OpenSSH 8.3 client.
Why is there new assumption of public key to be present? It is not needed in the authentication process.
Why is this a warning-worthy event? If it would be an error, the connection wouldn't happen.
When adding couple of -v arguments, there is nothing mentioned about the missing .pub-file.
The working solution to remove this unnecessary warning is to add the correct public key.
Offline
#11 2020-07-11 07:22:26
- HQJaTu
- Member
- Registered: 2018-10-14
- Posts: 4
Re: [SOLVED] openssh load pubkey "mykeyfilepath": invalid format
Problem was introduced exactly two years ago on 11th July 2018. Fix (commit c514f3c0522855b4d548286eaa113e209051a6d2) was introduced three weeks ago to suppress the warning. The problem will go away when OpenSSH gets updated.
For code-oriented people, I wrote a blog post covering the breaking and fixing commits into Github.
Offline