"Renci.SshNet.Common.SshException: Invalid private key file" when loading SSH private key from configuration string using SSH.NET
As this is the top answer for that error message, so I think it's worthwhile expanding on a point in your original question - converting to an OpenSSH format key.
Renci.SshNet can't use PuTTY keys that start with:
PuTTY-User-Key-File-2: ssh-rsa
You can use puttygen.exe to convert to the OpenSSH format
- load your key file in puttygen.exe
- Conversions > Export OpenSSH key (not the "force new file format" option)
This will make a key that starts with:
-----BEGIN RSA PRIVATE KEY-----
and that will work
I copied only the key part from the above file
You need to have complete key file in the MemoryStream
. And exactly as in the file (as if you were using FileStream
with your text key file). So no Convert.FromBase64String
.
var keyStr = @"-----BEGIN RSA PRIVATE KEY-----
MIIEoQIBAAKCAQEAiCYlBq7NITBpCCe48asfXKMpnJJJK+7FQj6wIRJCNuBk76tL
jNooDDPPrnrE9VKxRds4olPftjRj87s9gjm4EirbvijZ9PoDlW9CWFhjJPwCPJpA
onkhaiA7SV+abRDQHm/lst5Fk9tzl+DZcS/EleilGDV7rCYEP692UJRsi3GvzngQ
dpRvVvO4o2rXnEkdp+254KHsah0pSxri23+jqbxPguHKGIMylrswokMI0QKcfm+1
/pjrV64EQCxli3i2yPl4WVh/QaNyHMKoze/WN00Pia99QhE1Rm3YCCarFWFeX+R5
7LgIUhtrE7vZGvimfZN7oBdR2pEq10PIc+8q9QIBJQKCAQAWFAYBFW1fU/VbRLY1
Bv4qsqzNSCeKlWwYlItDohiTRvucfKR3tKyMW23JRFdKYG/GI4yks6e8roy/vX+Y
k7z8BvMzl+v+NmFyLbe7TJp0sz6iCy0TbZa3Q388VLFCHmbwLdI4rmwl0I9JD7SO
5SbMM5BkymcU/z71khMvqV21vym5Ge/ApvX0K0XNJs/N/OLnX46Z8taYEyTmreSR
rxAbma4I5BhqXbH0CMOI5u8zCyycghytl5sYyMr+LIWQKWLzQU+mPNN0qIy0pO5t
r8lGNJh5Lnmu1lQw9yAGo2IPPIERP90X64pVrteIjPtt30n87bWDS8gOiam8S/qk
2ZJVAoGBAPZi6E/KpYpzYGKPAfialu0QN1X7uFio1MUmDum+phk5+xeQb/VvlP6Y
d+/o03EMnhvUsop9p7E2CwLZfT6DO7x3LKtumfceq5dPE5hQSWXi9RkBhcOJaZvZ
z+36c8N8iSZZzlxdA5TeDTUqtuVli4HLrcsXaAaVMxEr/G2JwUgTAoGBAI12Gnoy
k/gsiHz4pDLgxWQE6R8vkBMXfQCWhkzvzKca4twQ8z4ZAb/yt+BCiioJn5g58CVS
dP2zd3Lx8e9kkxggZLcUR3Ao6HceYKeD6mx4vkpHiyCtKJI+qfnkw2A64xwbtvTR
h/O5Aq90SjqP4YcaK9E0W/mWYoL3ctFG8DHXAoGBAKZ6LkPARlag+++RDytvXw7h
cX9JN15/6bWkF+oLMfVehw/r+J7qh0Q9gXiWZVo49TVmM3JU5u1b3e0rKxxmgk7o
vVE85JI3UVhl3M6yyc84fBfQmKa2ytEWoT/uaeTzR+l68zd9Hhh6W/N9udlEnIgh
1kr0I7FruriTV4hIUinHAoGASKRudhn49Q/zD73zdBKO4FWMd8xQ5zWTN6c+C9UW
EJ8ajK7CGPgVp8HUC2BwdnOk+ySrwCNsgkdm2ik3DDqQuVy+GNMP7XzKZq68Av6N
IvHlLQ/7VfgN6jvavpgRTRdSB4Pafbe0hBLltAtItknig6WnzEtR0zGMiHE69dhR
1GcCgYBckoyMXpT0HzOjLXWClSiIaDDfgGcmgEKbYJ7c3mncjLinbCVFdJ0UcrqJ
tiauWBvmecAhnJvQGnmInawNUHetAgJoCbqd7cckjI8VtBgHlQyT93wo9fSDz0Kt
dDHspRvVQkhiR/6IWz1PtCT0QGrHP8fJq/PCbLnJf/EJqJv/xA==
-----END RSA PRIVATE KEY-----
";
using (var keystrm = new MemoryStream(Encoding.ASCII.GetBytes(keyStr)))
{
var privateKey = new PrivateKeyFile(keystrm);
}
Actually with the earlier code i was showing there is an existing implementation where the file is successfully sent.
Then your connection string does not contain what you claim. Check the implementation of PrivateKeyFile.Open
. It explicitly checks that the stream starts with ---- BEGIN ... PRIVATE KEY
. If not, it throws "Invalid private key file."
It's actually probably even impossible (or difficult) to store multi-line contents into the connection string. If your code ever worked, it must be because your SftpKey
connection strings contain a complete key file (including the BEGIN ... PRIVATE KEY
envelope) but encoded (again) in Base64 encoding (as a single line). Like this:
Convert.ToBase64String(File.ReadAllBytes(@"C:\path\to\key"))
Which will give you string like:
LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQ0KTUlJRW9RSUJBQUtDQVFFQWlDWWxCcTdOSVRCcENDZTQ4YXNmWEtNcG5KSkpLKzdGUWo2d0lSSkNOdUJrNzZ0TA0Kak5vb0REUFBybnJFOVZLeFJkczRvbFBmdGpSajg3czlnam00RWlyYnZpalo5UG9EbFc5Q1dGaGpKUHdDUEpwQQ0Kb25raGFpQTdTVithYlJEUUhtL2xzdDVGazl0emwrRFpjUy9FbGVpbEdEVjdyQ1lFUDY5MlVKUnNpM0d2em5nUQ0KZHBSdlZ2TzRvMnJYbkVrZHArMjU0S0hzYWgwcFN4cmkyMytqcWJ4UGd1SEtHSU15bHJzd29rTUkwUUtjZm0rMQ0KL3BqclY2NEVRQ3hsaTNpMnlQbDRXVmgvUWFOeUhNS296ZS9XTjAwUGlhOTlRaEUxUm0zWUNDYXJGV0ZlWCtSNQ0KN0xnSVVodHJFN3ZaR3ZpbWZaTjdvQmRSMnBFcTEwUEljKzhxOVFJQkpRS0NBUUFXRkFZQkZXMWZVL1ZiUkxZMQ0KQnY0cXNxek5TQ2VLbFd3WWxJdERvaGlUUnZ1Y2ZLUjN0S3lNVzIzSlJGZEtZRy9HSTR5a3M2ZThyb3kvdlgrWQ0Kazd6OEJ2TXpsK3YrTm1GeUxiZTdUSnAwc3o2aUN5MFRiWmEzUTM4OFZMRkNIbWJ3TGRJNHJtd2wwSTlKRDdTTw0KNVNiTU01Qmt5bWNVL3o3MWtoTXZxVjIxdnltNUdlL0FwdlgwSzBYTkpzL04vT0xuWDQ2Wjh0YVlFeVRtcmVTUg0KcnhBYm1hNEk1QmhxWGJIMENNT0k1dTh6Q3l5Y2doeXRsNXNZeU1yK0xJV1FLV0x6UVUrbVBOTjBxSXkwcE81dA0KcjhsR05KaDVMbm11MWxRdzl5QUdvMklQUElFUlA5MFg2NHBWcnRlSWpQdHQzMG44N2JXRFM4Z09pYW04Uy9xaw0KMlpKVkFvR0JBUFppNkUvS3BZcHpZR0tQQWZpYWx1MFFOMVg3dUZpbzFNVW1EdW0rcGhrNSt4ZVFiL1Z2bFA2WQ0KZCsvbzAzRU1uaHZVc29wOXA3RTJDd0xaZlQ2RE83eDNMS3R1bWZjZXE1ZFBFNWhRU1dYaTlSa0JoY09KYVp2Wg0KeiszNmM4TjhpU1paemx4ZEE1VGVEVFVxdHVWbGk0SExyY3NYYUFhVk14RXIvRzJKd1VnVEFvR0JBSTEyR25veQ0Kay9nc2lIejRwRExneFdRRTZSOHZrQk1YZlFDV2hrenZ6S2NhNHR3UTh6NFpBYi95dCtCQ2lpb0puNWc1OENWUw0KZFAyemQzTHg4ZTlra3hnZ1pMY1VSM0FvNkhjZVlLZUQ2bXg0dmtwSGl5Q3RLSkkrcWZua3cyQTY0eHdidHZUUg0KaC9PNUFxOTBTanFQNFljYUs5RTBXL21XWW9MM2N0Rkc4REhYQW9HQkFLWjZMa1BBUmxhZysrK1JEeXR2WHc3aA0KY1g5Sk4xNS82YldrRitvTE1mVmVody9yK0o3cWgwUTlnWGlXWlZvNDlUVm1NM0pVNXUxYjNlMHJLeHhtZ2s3bw0KdlZFODVKSTNVVmhsM002eXljODRmQmZRbUthMnl0RVdvVC91YWVUelIrbDY4emQ5SGhoNlcvTjl1ZGxFbklnaA0KMWtyMEk3RnJ1cmlUVjRoSVVpbkhBb0dBU0tSdWRobjQ5US96RDczemRCS080RldNZDh4UTV6V1RONmMrQzlVVw0KRUo4YWpLN0NHUGdWcDhIVUMyQndkbk9rK3lTcndDTnNna2RtMmlrM0REcVF1VnkrR05NUDdYektacTY4QXY2Tg0KSXZIbExRLzdWZmdONmp2YXZwZ1JUUmRTQjRQYWZiZTBoQkxsdEF0SXRrbmlnNlduekV0UjB6R01pSEU2OWRoUg0KMUdjQ2dZQmNrb3lNWHBUMEh6T2pMWFdDbFNpSWFERGZnR2NtZ0VLYllKN2MzbW5jakxpbmJDVkZkSjBVY3JxSg0KdGlhdVdCdm1lY0Fobkp2UUdubUluYXdOVUhldEFnSm9DYnFkN2Nja2pJOFZ0QmdIbFF5VDkzd285ZlNEejBLdA0KZERIc3BSdlZRa2hpUi82SVd6MVB0Q1QwUUdySFA4ZkpxL1BDYkxuSmYvRUpxSnYveEE9PQ0KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0NCg==