When attempting to ingress Terraform modules via
Git over SSH a
Permission denied (publickey).
fatal: Could not read from remote repository. is displayed and the run fails.
This is an issue with the SSH key.
PEM-encoded keys are required in Terraform Cloud and Terraform Enteprise. Check the SSH key headers to verify that it is PEM-encoded.
-----BEGIN RSA PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjh2olhqcJBuLG 8nttem8SoRSWKTmWDkHMHHGWCoijW8vhjVVQqrttsVsITxuiyY+8cMjHAEgKY03V 6Im5bGV+kDt+/DPpSqZIvu+EzRH0QANZ4IKgm05MojqHlMIg7iQoYhSYY9Trb6lb SGaxWqLThrWPGxyJ3RHw6co= -----END RSA PRIVATE KEY-----
If the key has a header of
-----"BEGIN OPENSSH PRIVATE KEY"----- then a PEM-encoded key will need to be generated instead.
The exact command to create a PEM-encoded SSH keypair depends on the operating system but will be similar to:
ssh-keygen -t rsa -m PEM -f "/Users/<NAME>/.ssh/service_terraform" -C "service_terraform_cloud".
This creates a
service_terraform file with the private key, and a
service_terraform.pub file with the public key.
Once generated, add the key to the organizations SSH keys, assign the key to a workspace, and queue a run.
Detailed instructions can be found at https://www.terraform.io/docs/cloud/workspaces/ssh-keys.html