Problem
When performing a run with configuration that refers to a module using Git over SSH, the run fails with the error: Permission denied (publickey).
fatal: Could not read from remote repository.
Cause
This is an issue with the SSH key.
Solution
PEM-encoded keys are required in Terraform Cloud and Terraform Enteprise. Check the SSH key headers to verify that it is PEM-encoded.
PEM-encoded key:
-----BEGIN RSA PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjh2olhqcJBuLG
8nttem8SoRSWKTmWDkHMHHGWCoijW8vhjVVQqrttsVsITxuiyY+8cMjHAEgKY03V
6Im5bGV+kDt+/DPpSqZIvu+EzRH0QANZ4IKgm05MojqHlMIg7iQoYhSYY9Trb6lb
SGaxWqLThrWPGxyJ3RHw6co=
-----END RSA PRIVATE KEY-----If the key has a header of -----"BEGIN OPENSSH PRIVATE KEY"----- then a PEM-encoded key will need to be generated instead.
The exact command to create a PEM-encoded SSH keypair depends on the operating system but will be similar to:
ssh-keygen -t rsa -m PEM -f "/Users/<NAME>/.ssh/service_terraform" -C "service_terraform_cloud".
This creates a service_terraform file with the private key, and a service_terraform.pub file with the public key.
Once generated, add the key to the organizations SSH keys, assign the key to a workspace, and queue a run.
Additional Information
Detailed instructions can be found at https://www.terraform.io/docs/cloud/workspaces/ssh-keys.html