You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
C:\Users\gberesford\source\repos\OpenVpnRemote\testtf>terraform validate
Success! The configuration is valid.
Actual Behavior
C:\Users\gberesford\source\repos\OpenVpnRemote\testtf>terraform validate
Error: Error - only ssh-rsa keys with 2048 bits or higher are supported by azure
on main.tf line 37, in resource "azurerm_linux_virtual_machine" "example":
37: resource "azurerm_linux_virtual_machine" "example" {
Steps to Reproduce
Generate 2048 bit RSA key with PuTTYgen.
Use public part of key for public_key in admin_ssh_key of azurerm_linux_virtual_machine resource.
The current code will fail with any exponent < 65536 (or > 16777215 and also for some key lengths > 65535 but those cases are unlikely.)
I suspect the only reliable way of doing this will be to parse the file properly to skip the first 2 elements by reading their length (which are uint32s, not uint16s), and then read the length of the 3rd element.
The text was updated successfully, but these errors were encountered:
Since this issue has been reported a long time ago and relates to the version of provider we no longer support - I'm going to close it. Please open a new updated bug report on current versions of terraform and provider if this is still relevant. Thank you.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
Community Note
Terraform (and AzureRM Provider) Version
Affected Resource(s)
azurerm_linux_virtual_machine
Terraform Configuration Files
Debug Output
https://gist.github.com/gberesford/cdc53f8c67ee1d53cf371abe4507863f
Expected Behavior
Actual Behavior
Steps to Reproduce
public_key
inadmin_ssh_key
ofazurerm_linux_virtual_machine
resource.terraform validate
Important Factoids
PuTTYgen uses
37
as the RSA exponent, as opposed to ssh-keygen's65537
. The shorter exponent means that it takes up less space in the encoded public key, which makes the byte indexes of 20 and 21 incorrect here: https://github.com/terraform-providers/terraform-provider-azurerm/blob/2190f5565087143c6d67b05270685eda8d4f115d/azurerm/internal/services/compute/ssh_keys.go#L147The current code will fail with any exponent < 65536 (or > 16777215 and also for some key lengths > 65535 but those cases are unlikely.)
I suspect the only reliable way of doing this will be to parse the file properly to skip the first 2 elements by reading their length (which are uint32s, not uint16s), and then read the length of the 3rd element.
The text was updated successfully, but these errors were encountered: