java - 在 gitlab 上测试 jsch 会导致无效私钥错误

Question

我正在尝试配置 gitlab 在提交时运行测试，但是在我的测试中我使用 SFTP ( JSch )，如下所示:

sftp = new JSch();
sftp.addIdentity(Paths.get(ClassLoader.getSystemResource("private.ppk").toURI()).toString());
//sftp.setKnownHosts("~/.ssh/known_hosts");

Session session = sftp.getSession("test", "localhost", port);
session.setConfig("StrictHostKeyChecking", "no");
session.setConfig("PreferredAuthentications", "publickey");
session.connect();

sftpChannel = (ChannelSftp) session.openChannel("sftp");
sftpChannel.connect();

( port 是免费的随机端口。)

此代码在 gitlab 环境中运行时会抛出

com.jcraft.jsch.JSchException: invalid privatekey: [B@27e47833

我完全不明白为什么，在本地运行此代码可以正常工作。我从 gitlab 存储库中的资源加载的私钥。

为什么会发生这种情况？我是否省略了任何额外的步骤，或者为什么 gitlab 上的 Jsch 拒绝在本地运行时有效的私钥？

感谢您的帮助!

Answer 1

如mentioned here :

• Check the PPK file and ensure that there are no obvious signs of a malformation. IE. Truncations, encoding issues, etc.
  

• Verify the line endings in the PPK file.
  If you are developing a project and maintaining your code through a source code versioning system it is possible that your code gets versioned by different collaborators using different O.S. and architectures.
  As each operating system handles text end of lines differently (in Linux and OSX is handled as 'LF', in Windows as CRLF), if the PPK file gets modified, the character used to determine EOL could also be modified, thus impacting the matching of the private key. In these cases, it would be important to define the EOL character to use in your source code versioning tool settings or to directly avoid tracking the PPK file modifications.

参见the comments of "invalid private key when opening SSH tunnel with jsch" :

At least in 0.1.53 (and I doubt this would be removed) it does read PPK (in addition to OpenSSL PEMs = non-newfmt OpenSSH and several others) but only with Windows-type EOL (CR LF).
Did you copy your PPK to the affected system by a method that can change EOLs such as pasting to an editor or FTP TYPE A?

或者使用 PEM 格式而不是 PPK。