On Thu, 1 Aug 2024 at 19:21, Veera <sveem...@gmail.com> wrote: > > > Yes , We need a RSA format PEM key which is compatible with the > application . > Whenever a OPENSSH PRIVATE Key generated with the playbook is used for > authentication , login to the application is working but its not > functioning 100% as expected . > When a RSA format PEM or id_rsa key ( ssh-keygen -t rsa -b 2048) is used > then login and functioning of the application is working fine. (vendor > recommended RSA format SSH key) >
Add the following parameters to your task: backend: cryptography private_key_format: pkcs1 Looking at the docs <https://docs.ansible.com/ansible/latest/collections/community/crypto/openssh_keypair_module.html>, this means that your application depends on OpenSSH < 7.8, because only those versions created PKCS1 private key files (the ones with "BEGIN RSA..."). See https://superuser.com/questions/1720991/ for an interesting read on some historical background and rationale. After reading that you may want to ask questions to your vendor, for example why their application insists on a legacy, less secure format (although the latter only applies to encrypted keys, which you don't seem to be generating). If it is a key for ssh, then they might also be using specific fields from the ASN.1 structure. This is possible, but then it's not just an ssh key anymore. Dick -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAF8BbLZj2dSZCdqaPh3Q837eaLWZRoMz1AsS46KENZ6-TZD3QQ%40mail.gmail.com.