Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow specifying OpenSSH Private Key Comment #227

Open
1 task done
MOZGIII opened this issue Jun 28, 2022 · 6 comments · May be fixed by #395
Open
1 task done

Allow specifying OpenSSH Private Key Comment #227

MOZGIII opened this issue Jun 28, 2022 · 6 comments · May be fixed by #395

Comments

@MOZGIII
Copy link

MOZGIII commented Jun 28, 2022

Terraform CLI and Provider Versions

master

Use Cases or Problem Statement

openssh.MarshalPrivateKey is always with "" comment. We actually need to be able to configure it.

Here it is:

openSSHKeyPemBlock, err := openssh.MarshalPrivateKey(prvKey, "")

Proposal

Add an input variable and make it configurable. A good name would be openssh_comment. It can be optional, and default to an empty string for backward compatibility.

How much impact is this issue causing?

High

Additional Information

Having a comment in the private key specifically is required for us unfortunately, and without this we can't use this provider.

We need it to make the right comment to appear when the key is added to the ssh-agent because we need to be able to tell what key is loaded.

Code of Conduct

  • I agree to follow this project's Code of Conduct
@DevNico
Copy link

DevNico commented Aug 31, 2022

This would be really useful to generate many deploy keys for use with https://github.com/webfactory/ssh-agent#support-for-github-deploy-keys

@MOZGIII
Copy link
Author

MOZGIII commented Aug 31, 2022

Yep, this is what I'm using it for actually :D

@KoenR3
Copy link

KoenR3 commented Jan 4, 2023

This would be a very useful option as explained above

@SharpEdgeMarshall
Copy link

any news?

@aalvarezaph
Copy link

Bump! Hopefully the PR can be checked soon

@veerendra2
Copy link

veerendra2 commented May 23, 2024

So far, I'm using ugly workaround

locals {
  deploy_keys_map = {
    "module-1" = "git@github.com:veerendra2/module-1.git",
    "module-2" = "git@github.com:veerendra2/module-2.git"
  }
}

resource "tls_private_key" "this" {
  for_each = local.deploy_keys_map
  algorithm = "RSA"
  rsa_bits  = 2048
}

resource "terraform_data" "this" {
  for_each = local.deploy_keys_map

  provisioner "local-exec" {
    command = "echo '${tls_private_key.this[each.key].private_key_openssh}' > ${each.key}.txt && chmod 600 ${each.key}.txt && ssh-keygen -c -C '${each.value}' -f ${each.key}.txt"
  }
}

data "local_file" "this" {
  for_each = local.deploy_keys_map

  filename = "${path.module}/${each.key}.txt"
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

8 participants