ssh key_load_public: invalid format warning
Clash Royale CLAN TAG#URR8PPP
up vote
5
down vote
favorite
SSHing into my system succeeds but even without the -v
flag I get key_load_public: invalid format
message. Below is the output w/ using the verbose flag.
Specifically
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
seems to be the problem as I don't have such a file. However, I checked w/ another system and I also get the same two above lines. However there is no key_load_public: invalid format
before that, which is what I actually want to get rid of. Permissions on the authorized_keys file on both remote systems looks the same, permissions on the private_keys look the same too.
$ ssh -v desired_host
OpenSSH_7.2p2, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /home/myname/.ssh/config
debug1: /home/dli/.ssh/config line 16: Applying options for desired_host
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to desired_host [X.X.X.X] port 22.
debug1: Connection established.
key_load_public: invalid format
debug1: identity file /home/myname/.ssh/private_rsa_key type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to desired_host:22 as 'myname'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:EmG/FBK0OCXtaAqAkfHKxoXKLGiZiHUsQpObK6aWd30
debug1: Host 'desired_host' is known and matches the RSA host key.
debug1: Found key in /home/myname/.ssh/known_hosts:39
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/myname/.ssh/private_rsa_key
debug1: Authentication succeeded (publickey).
Authenticated to desired_host ([X.X.X.X]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
ssh openssh
add a comment |Â
up vote
5
down vote
favorite
SSHing into my system succeeds but even without the -v
flag I get key_load_public: invalid format
message. Below is the output w/ using the verbose flag.
Specifically
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
seems to be the problem as I don't have such a file. However, I checked w/ another system and I also get the same two above lines. However there is no key_load_public: invalid format
before that, which is what I actually want to get rid of. Permissions on the authorized_keys file on both remote systems looks the same, permissions on the private_keys look the same too.
$ ssh -v desired_host
OpenSSH_7.2p2, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /home/myname/.ssh/config
debug1: /home/dli/.ssh/config line 16: Applying options for desired_host
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to desired_host [X.X.X.X] port 22.
debug1: Connection established.
key_load_public: invalid format
debug1: identity file /home/myname/.ssh/private_rsa_key type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to desired_host:22 as 'myname'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:EmG/FBK0OCXtaAqAkfHKxoXKLGiZiHUsQpObK6aWd30
debug1: Host 'desired_host' is known and matches the RSA host key.
debug1: Found key in /home/myname/.ssh/known_hosts:39
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/myname/.ssh/private_rsa_key
debug1: Authentication succeeded (publickey).
Authenticated to desired_host ([X.X.X.X]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
ssh openssh
add a comment |Â
up vote
5
down vote
favorite
up vote
5
down vote
favorite
SSHing into my system succeeds but even without the -v
flag I get key_load_public: invalid format
message. Below is the output w/ using the verbose flag.
Specifically
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
seems to be the problem as I don't have such a file. However, I checked w/ another system and I also get the same two above lines. However there is no key_load_public: invalid format
before that, which is what I actually want to get rid of. Permissions on the authorized_keys file on both remote systems looks the same, permissions on the private_keys look the same too.
$ ssh -v desired_host
OpenSSH_7.2p2, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /home/myname/.ssh/config
debug1: /home/dli/.ssh/config line 16: Applying options for desired_host
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to desired_host [X.X.X.X] port 22.
debug1: Connection established.
key_load_public: invalid format
debug1: identity file /home/myname/.ssh/private_rsa_key type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to desired_host:22 as 'myname'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:EmG/FBK0OCXtaAqAkfHKxoXKLGiZiHUsQpObK6aWd30
debug1: Host 'desired_host' is known and matches the RSA host key.
debug1: Found key in /home/myname/.ssh/known_hosts:39
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/myname/.ssh/private_rsa_key
debug1: Authentication succeeded (publickey).
Authenticated to desired_host ([X.X.X.X]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
ssh openssh
SSHing into my system succeeds but even without the -v
flag I get key_load_public: invalid format
message. Below is the output w/ using the verbose flag.
Specifically
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
seems to be the problem as I don't have such a file. However, I checked w/ another system and I also get the same two above lines. However there is no key_load_public: invalid format
before that, which is what I actually want to get rid of. Permissions on the authorized_keys file on both remote systems looks the same, permissions on the private_keys look the same too.
$ ssh -v desired_host
OpenSSH_7.2p2, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /home/myname/.ssh/config
debug1: /home/dli/.ssh/config line 16: Applying options for desired_host
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to desired_host [X.X.X.X] port 22.
debug1: Connection established.
key_load_public: invalid format
debug1: identity file /home/myname/.ssh/private_rsa_key type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to desired_host:22 as 'myname'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:EmG/FBK0OCXtaAqAkfHKxoXKLGiZiHUsQpObK6aWd30
debug1: Host 'desired_host' is known and matches the RSA host key.
debug1: Found key in /home/myname/.ssh/known_hosts:39
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/myname/.ssh/private_rsa_key
debug1: Authentication succeeded (publickey).
Authenticated to desired_host ([X.X.X.X]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
ssh openssh
ssh openssh
asked Apr 27 '16 at 14:37
hiandbaii
126114
126114
add a comment |Â
add a comment |Â
3 Answers
3
active
oldest
votes
up vote
2
down vote
There are two separate messages:
This one tells you that .ssh/private_rsa_key
is in wrong format:
key_load_public: invalid format
debug1: identity file /home/myname/.ssh/private_rsa_key type -1
This one does not show up in without -v
switch and is just informative to tell you that you don't have a certificate:
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
There is nothing to worry about the second message.
1
How does an invalidly formatted private key still validate? Isn't a key correct or incorrect? (I checked the EOLs in both private keys and they are both not using carriage returns)
â hiandbaii
Apr 27 '16 at 16:21
It is a generic error. It might be anything. How does the header of the file look like?
â Jakuje
Apr 27 '16 at 16:43
-----BEGIN RSA PRIVATE KEY-----
â hiandbaii
Apr 27 '16 at 16:53
add a comment |Â
up vote
0
down vote
I finally succeeded by being sure to copy and paste EXACTLY the contents of private RSA key, e.g.
-----BEGIN RSA PRIVATE KEY-----
<content>.....
-----END RSA PRIVATE KEY-----
including all the EOL tabs or whatever was there.
add a comment |Â
up vote
0
down vote
when I issued
ssh myid@mydomain
and got message (even though I successfully logged into remote box)
key_load_public: invalid format
it happened because somehow my local ~/.ssh/xxx.pub actually had contents of my private key file even though the remote host correctly had my public key in file ~myid/.ssh/authorized_keys SO solution was to correct my local ~/.ssh/xxx.pub so it had my public key
add a comment |Â
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
2
down vote
There are two separate messages:
This one tells you that .ssh/private_rsa_key
is in wrong format:
key_load_public: invalid format
debug1: identity file /home/myname/.ssh/private_rsa_key type -1
This one does not show up in without -v
switch and is just informative to tell you that you don't have a certificate:
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
There is nothing to worry about the second message.
1
How does an invalidly formatted private key still validate? Isn't a key correct or incorrect? (I checked the EOLs in both private keys and they are both not using carriage returns)
â hiandbaii
Apr 27 '16 at 16:21
It is a generic error. It might be anything. How does the header of the file look like?
â Jakuje
Apr 27 '16 at 16:43
-----BEGIN RSA PRIVATE KEY-----
â hiandbaii
Apr 27 '16 at 16:53
add a comment |Â
up vote
2
down vote
There are two separate messages:
This one tells you that .ssh/private_rsa_key
is in wrong format:
key_load_public: invalid format
debug1: identity file /home/myname/.ssh/private_rsa_key type -1
This one does not show up in without -v
switch and is just informative to tell you that you don't have a certificate:
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
There is nothing to worry about the second message.
1
How does an invalidly formatted private key still validate? Isn't a key correct or incorrect? (I checked the EOLs in both private keys and they are both not using carriage returns)
â hiandbaii
Apr 27 '16 at 16:21
It is a generic error. It might be anything. How does the header of the file look like?
â Jakuje
Apr 27 '16 at 16:43
-----BEGIN RSA PRIVATE KEY-----
â hiandbaii
Apr 27 '16 at 16:53
add a comment |Â
up vote
2
down vote
up vote
2
down vote
There are two separate messages:
This one tells you that .ssh/private_rsa_key
is in wrong format:
key_load_public: invalid format
debug1: identity file /home/myname/.ssh/private_rsa_key type -1
This one does not show up in without -v
switch and is just informative to tell you that you don't have a certificate:
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
There is nothing to worry about the second message.
There are two separate messages:
This one tells you that .ssh/private_rsa_key
is in wrong format:
key_load_public: invalid format
debug1: identity file /home/myname/.ssh/private_rsa_key type -1
This one does not show up in without -v
switch and is just informative to tell you that you don't have a certificate:
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
There is nothing to worry about the second message.
answered Apr 27 '16 at 15:45
Jakuje
16k52951
16k52951
1
How does an invalidly formatted private key still validate? Isn't a key correct or incorrect? (I checked the EOLs in both private keys and they are both not using carriage returns)
â hiandbaii
Apr 27 '16 at 16:21
It is a generic error. It might be anything. How does the header of the file look like?
â Jakuje
Apr 27 '16 at 16:43
-----BEGIN RSA PRIVATE KEY-----
â hiandbaii
Apr 27 '16 at 16:53
add a comment |Â
1
How does an invalidly formatted private key still validate? Isn't a key correct or incorrect? (I checked the EOLs in both private keys and they are both not using carriage returns)
â hiandbaii
Apr 27 '16 at 16:21
It is a generic error. It might be anything. How does the header of the file look like?
â Jakuje
Apr 27 '16 at 16:43
-----BEGIN RSA PRIVATE KEY-----
â hiandbaii
Apr 27 '16 at 16:53
1
1
How does an invalidly formatted private key still validate? Isn't a key correct or incorrect? (I checked the EOLs in both private keys and they are both not using carriage returns)
â hiandbaii
Apr 27 '16 at 16:21
How does an invalidly formatted private key still validate? Isn't a key correct or incorrect? (I checked the EOLs in both private keys and they are both not using carriage returns)
â hiandbaii
Apr 27 '16 at 16:21
It is a generic error. It might be anything. How does the header of the file look like?
â Jakuje
Apr 27 '16 at 16:43
It is a generic error. It might be anything. How does the header of the file look like?
â Jakuje
Apr 27 '16 at 16:43
-----BEGIN RSA PRIVATE KEY-----
â hiandbaii
Apr 27 '16 at 16:53
-----BEGIN RSA PRIVATE KEY-----
â hiandbaii
Apr 27 '16 at 16:53
add a comment |Â
up vote
0
down vote
I finally succeeded by being sure to copy and paste EXACTLY the contents of private RSA key, e.g.
-----BEGIN RSA PRIVATE KEY-----
<content>.....
-----END RSA PRIVATE KEY-----
including all the EOL tabs or whatever was there.
add a comment |Â
up vote
0
down vote
I finally succeeded by being sure to copy and paste EXACTLY the contents of private RSA key, e.g.
-----BEGIN RSA PRIVATE KEY-----
<content>.....
-----END RSA PRIVATE KEY-----
including all the EOL tabs or whatever was there.
add a comment |Â
up vote
0
down vote
up vote
0
down vote
I finally succeeded by being sure to copy and paste EXACTLY the contents of private RSA key, e.g.
-----BEGIN RSA PRIVATE KEY-----
<content>.....
-----END RSA PRIVATE KEY-----
including all the EOL tabs or whatever was there.
I finally succeeded by being sure to copy and paste EXACTLY the contents of private RSA key, e.g.
-----BEGIN RSA PRIVATE KEY-----
<content>.....
-----END RSA PRIVATE KEY-----
including all the EOL tabs or whatever was there.
edited May 21 at 9:24
Anthony Geoghegan
7,33633852
7,33633852
answered May 21 at 8:22
Andrew Roe
1
1
add a comment |Â
add a comment |Â
up vote
0
down vote
when I issued
ssh myid@mydomain
and got message (even though I successfully logged into remote box)
key_load_public: invalid format
it happened because somehow my local ~/.ssh/xxx.pub actually had contents of my private key file even though the remote host correctly had my public key in file ~myid/.ssh/authorized_keys SO solution was to correct my local ~/.ssh/xxx.pub so it had my public key
add a comment |Â
up vote
0
down vote
when I issued
ssh myid@mydomain
and got message (even though I successfully logged into remote box)
key_load_public: invalid format
it happened because somehow my local ~/.ssh/xxx.pub actually had contents of my private key file even though the remote host correctly had my public key in file ~myid/.ssh/authorized_keys SO solution was to correct my local ~/.ssh/xxx.pub so it had my public key
add a comment |Â
up vote
0
down vote
up vote
0
down vote
when I issued
ssh myid@mydomain
and got message (even though I successfully logged into remote box)
key_load_public: invalid format
it happened because somehow my local ~/.ssh/xxx.pub actually had contents of my private key file even though the remote host correctly had my public key in file ~myid/.ssh/authorized_keys SO solution was to correct my local ~/.ssh/xxx.pub so it had my public key
when I issued
ssh myid@mydomain
and got message (even though I successfully logged into remote box)
key_load_public: invalid format
it happened because somehow my local ~/.ssh/xxx.pub actually had contents of my private key file even though the remote host correctly had my public key in file ~myid/.ssh/authorized_keys SO solution was to correct my local ~/.ssh/xxx.pub so it had my public key
answered 5 mins ago
Scott Stensland
3961312
3961312
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f279509%2fssh-key-load-public-invalid-format-warning%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password