It is not clear how one is supposed to configure the required inputs
knownHostsEntry - a variable, directly set in yaml?
sshPublicKey - a variable, directly set in yaml?
sshKeySecureFile - this is a secret/file, how to securely reference this?
@mydiemho Thank you for the feedback.
Have you tried the steps in this GitHub example? Is there a particular step that isn't working?
I figured it out but the doc is missing a lot of steps explaining how to do it.
There are a lot of assumptions made in the documentation about what the user already knows how to do
I agree with @mydiemho. An example of the final YAML based on the steps you outline. It is unclear what the values to be provided in the YAML should be. Copy/paste the raw value of the known_hosts file? File path to secure file? Etc.
I got this working after a lot of searching through source code, trial and error - and general frustration. The docs here are nowhere near good enough and it looks like I'm not alone in finding this difficult to configure as a result.
For 'knownHostsEntry', (having followed "Example setup using GitHub" above) you need to copy the line that ssh-agent inserts into your known_hosts file once you've interactively accepted the RSA fingerprint for the host in question. An easy way to unambiguously identify this line is to temporarily rename/move ~/.ssh/known_hosts _before_ running through that GitHub example, _and then copy the single line that will have been added into a newly-created known_hosts_.
For 'sshKeySecureFile', the only way I could get this to work was to copy the secureFileId query string param from the URL while viewing the "Library > edit Secure File" page, and paste this value in:
e.g. 'sshKeySecureFile': '53d14b1d-8567-4940-9959-acc5c8e6cd32'
Not sure which SSH key I should upload to the secureFile. Public key?
@joyl1216 - I would think it will be a private key, assuming your use case was similar to mine: i.e. wanting the build agent to be able to authenticate as "you" against a resource that is authorized using the corresponding public key.
Hi, I'm trying to use this step as part of a Build Pipeline and I've followed these directions to the letter. It seems the Install SSH Key step does not like my public key:
[command]/usr/bin/ssh-agent
SSH_AUTH_SOCK=/var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T//ssh-TjlpUVMDSzR7/agent.639; export SSH_AUTH_SOCK;
SSH_AGENT_PID=640; export SSH_AGENT_PID;
echo Agent pid 640;
[command]/usr/bin/ssh-add -L
The agent has no identities.
##[error]Could not get the base64 portion of the public SSH key.
##[section]Finishing: InstallSSHKey
Could not get the base64 portion of the public SSH key.
According to the task.json code I found, this task thinks my key is malformed. If that is true, I have no idea how to form this correctly.
I have created an SSH key locally, SSH'd with it to my host (to get a known_hosts fingerprint), and I've copied the exact contents of my SSH public key and added that to the task per the directions. What else can I do?
@chefnobody a few possible reasons for your error:
1) You could be using an email with invalid syntax https://www.jacobbenson.io/index.php/2018/10/03/ssh-key-must-be-encoded-in-base64-when-adding-ssh-public-key-to-azure-linux-vm/
2) How did you copy the key? There could be extra spaces. If on a mac, I would recommend running cat ssh_key.pub | pbcopy. https://community.intersystems.com/post/ssh-authentication-error-invalid-key-data-not-base64-encoded
Hi @mydiemho, thanks for the reply.
I figured out the issue by digging through the code. There were spaces in my key, that appeared to be spaces when you pasted the key into the Task. However, the JS code that splits the key on the spaces was failing because the spaces in my key _weren't actually_ spaces. Replacing these "rogue" spaces with actual spaces and trying the Build Pipeline again resolved this malformed key issue.
Thanks!
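The failure described in the comment above (separators in the pasted key that are not U+0020) can be checked before pasting the key into the task. This is an added example, not part of the thread or of the task's own code; `inspectPublicKey`, `buildSampleKey` and the sample key are constructed for illustration and assume Node.js.

```javascript
// Added example: inspect an OpenSSH public key line ("type base64 comment")
// for look-alike whitespace and a malformed base64 field. Names are hypothetical.

// Code points that render like a space but are not U+0020.
const LOOKALIKE_WS = /[\t\u00A0\u1680\u2000-\u200A\u202F\u205F\u3000]/g;

function inspectPublicKey(line) {
  const findings = [];
  const text = line.trim();
  const rogue = [...text.matchAll(LOOKALIKE_WS)].map((m) => {
    const hex = m[0].codePointAt(0).toString(16).toUpperCase().padStart(4, "0");
    return `U+${hex} at index ${m.index}`;
  });
  if (rogue.length) findings.push(`non-space whitespace: ${rogue.join(", ")}`);

  // Normalize separators to single ASCII spaces, then split into fields.
  const normalized = text.replace(LOOKALIKE_WS, " ").replace(/ +/g, " ");
  const [type, b64] = normalized.split(" ");
  if (!b64 || b64.length % 4 !== 0 || !/^[A-Za-z0-9+/]+={0,2}$/.test(b64)) {
    findings.push("second field is not valid base64");
    return { ok: false, findings, normalized };
  }
  // The decoded blob starts with a uint32 length and the key type string,
  // which must match the first field of the line.
  const blob = Buffer.from(b64, "base64");
  const len = blob.length >= 4 ? blob.readUInt32BE(0) : 0;
  const embedded =
    len > 0 && blob.length >= 4 + len ? blob.toString("ascii", 4, 4 + len) : "";
  if (embedded !== type) {
    findings.push(`blob type "${embedded}" does not match "${type}"`);
  }
  return { ok: findings.length === 0, findings, normalized };
}

// Constructed sample: a structurally valid ssh-ed25519 line with filler key bytes.
function buildSampleKey(sep) {
  const name = Buffer.from("ssh-ed25519", "ascii");
  const nameLen = Buffer.alloc(4);
  nameLen.writeUInt32BE(name.length, 0);
  const keyLen = Buffer.from([0, 0, 0, 32]);
  const blob = Buffer.concat([nameLen, name, keyLen, Buffer.alloc(32, 7)]);
  return ["ssh-ed25519", blob.toString("base64"), "build@example.invalid"].join(sep);
}

const report = inspectPublicKey(buildSampleKey("\u00A0")); // pasted with no-break spaces
console.log(report.findings, "->", inspectPublicKey(report.normalized).ok);
```

The `normalized` field is the same key with ASCII spaces, which is the form the fix in the comment arrived at by hand.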
Oh, these docs suck, nothing is clear. You should take example from AWS docs.