Tags: ssh-keys, apache-sshd

How to add public key identity from String?


I have a Spring Boot application with Apache SSHD. The application should use SSH Public Key Authentication. Therefore, the application needs a private key. How to provide this private key?

For security reasons, the private key should not be saved in the

  • source code (in Git)
  • classpath (in JAR)
  • image (in Docker Registry)
  • host/volume (with Docker Mount)

Instead the private key should be provided as an environment variable (with GitLab).

Documentation

In the documentation is only an example for private keys saved in the filesystem, see Loading key files:

Loading key files

In order to use password-less authentication the user needs to provide one or more KeyPair-s that are used to "prove" the client's identity for the server. The code supports most if not all of the currently used key file formats. See SshKeyDumpMain class for example of how to load files - basically:

KeyPairResourceLoader loader = SecurityUtils.getKeyPairResourceParser();
Collection<KeyPair> keys = loader.loadKeyPairs(null, filePath, passwordProvider);

Research

I could create the KeyPair as described in create java PrivateKey and PublicKey from a String of file, but then I would reimplement an existing part of Apache SSHD. I have to support all of the currently used key file formats.

Question

How do I load a private key from a String instead of the filesystem?


Solution

  • I found a way to use a String instead of a file, see KeyPairResourceLoader#loadKeyPairs:

    default Collection<KeyPair> loadKeyPairs(SessionContext session,
                                        NamedResource resourceKey,
                                        FilePasswordProvider passwordProvider,
                                        String data)
                                 throws IOException,
                                        GeneralSecurityException
    

    Throws:
    IOException
    GeneralSecurityException

    My changed code:

    // pem holds the PEM-encoded private key text (here taken from the environment variable)
    KeyPairResourceLoader loader = SecurityUtils.getKeyPairResourceParser();
    // session and resourceKey may be null; a null passwordProvider only works for an unencrypted key
    Collection<KeyPair> keyPairCollection = loader.loadKeyPairs(null, null, null, pem);
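Putting the answer together into something deployable: the following is an added example (not code from the question, the answer or the Apache SSHD project) that reads the PEM text from an environment variable, parses it with the String overload of loadKeyPairs, fails fast when nothing parseable was supplied, and registers the result on an SshClient for public key authentication. The environment variable names SSH_PRIVATE_KEY and SSH_PRIVATE_KEY_PASSPHRASE are assumptions, as is the use of NamedResource.ofName and FilePasswordProvider.of from sshd-common; check that both exist in the SSHD version you depend on.

```java
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.util.Collection;

import org.apache.sshd.client.SshClient;
import org.apache.sshd.common.NamedResource;
import org.apache.sshd.common.config.keys.FilePasswordProvider;
import org.apache.sshd.common.config.keys.KeyPairResourceLoader;
import org.apache.sshd.common.util.security.SecurityUtils;

public final class EnvKeyIdentityLoader {

    // Assumed variable names; use whatever your GitLab CI/CD variables are actually called.
    static final String KEY_ENV = "SSH_PRIVATE_KEY";
    static final String PASSPHRASE_ENV = "SSH_PRIVATE_KEY_PASSPHRASE";

    /**
     * Parses every key pair contained in the PEM text. No file is touched; the
     * resource name only shows up in SSHD's log and exception messages.
     */
    static Collection<KeyPair> loadFromString(String pem, String passphrase)
            throws IOException, GeneralSecurityException {
        if (pem == null || pem.isBlank()) {
            throw new IllegalStateException("environment variable " + KEY_ENV + " is not set");
        }
        KeyPairResourceLoader loader = SecurityUtils.getKeyPairResourceParser();
        // Only hand over a password provider when the key is actually encrypted.
        FilePasswordProvider passwords = (passphrase == null) ? null : FilePasswordProvider.of(passphrase);
        // A synthetic resource name instead of a path: error messages then name the
        // variable, never the key material itself.
        Collection<KeyPair> keys = loader.loadKeyPairs(
                null, NamedResource.ofName("env:" + KEY_ENV), passwords, pem);
        if (keys == null || keys.isEmpty()) {
            throw new GeneralSecurityException(KEY_ENV + " contains no parseable key pair");
        }
        return keys;
    }

    /** Builds a client whose sessions will offer the loaded key(s) during publickey auth. */
    static SshClient buildClient() throws IOException, GeneralSecurityException {
        SshClient client = SshClient.setUpDefaultClient();
        for (KeyPair kp : loadFromString(System.getenv(KEY_ENV), System.getenv(PASSPHRASE_ENV))) {
            client.addPublicKeyIdentity(kp);
        }
        return client;
    }

    public static void main(String[] args) throws Exception {
        SshClient client = buildClient();
        client.start();
        // client.connect(user, host, port) ... as in any other SSHD client code
        client.stop();
    }
}
```

Two things worth checking in such a setup: the variable must keep the PEM line breaks intact (a key pasted onto one line will not parse), and the process environment is readable by anything that can execute inside the same container, so the variable belongs in a masked and protected CI variable and should never be echoed into job logs. A Java String also cannot be zeroed after use, so the key text stays in heap memory until garbage collection; if that matters for your threat model, prefer reading the PEM into a char or byte array that you can wipe.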