On Thu, 1 Aug 2024 at 19:21, Veera <[email protected]> wrote: > > > Yes , We need a RSA format PEM key which is compatible with the > application . > Whenever a OPENSSH PRIVATE Key generated with the playbook is used for > authentication , login to the application is working but its not > functioning 100% as expected . > When a RSA format PEM or id_rsa key ( ssh-keygen -t rsa -b 2048) is used > then login and functioning of the application is working fine. (vendor > recommended RSA format SSH key) >
Add the following parameters to your task: backend: cryptography private_key_format: pkcs1 Looking at the docs <https://docs.ansible.com/ansible/latest/collections/community/crypto/openssh_keypair_module.html>, this means that your application depends on OpenSSH < 7.8, because only those versions created PKCS1 private key files (the ones with "BEGIN RSA..."). See https://superuser.com/questions/1720991/ for an interesting read on some historical background and rationale. After reading that you may want to ask questions to your vendor, for example why their application insists on a legacy, less secure format (although the latter only applies to encrypted keys, which you don't seem to be generating). If it is a key for ssh, then they might also be using specific fields from the ASN.1 structure. This is possible, but then it's not just an ssh key anymore. Dick -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAF8BbLZj2dSZCdqaPh3Q837eaLWZRoMz1AsS46KENZ6-TZD3QQ%40mail.gmail.com.
