Dockerfile: skip passphrase for private key

I’m using private keys for downloading my repository from Github in my Docker file. I have something like this:

RUN mkdir -p /root/.ssh && echo "$MY_PRIVATE_KEY" >/root/.ssh/id_rsa &&    chmod 0600 /root/.ssh/id_rsa &&    ssh-keyscan >> /root/.ssh/known_hosts &&    cat /root/.ssh/known_hosts &&    ssh -vvv &&    pip install git+ssh:// &&    rm /root/.ssh/id_rsa

Where MY_PRIVATE_KEY is an argument. I’m not able to re-create this key.
My issue is that during connection process I’m getting the following error:
key_load_private_type: incorrect passphrase supplied to decrypt private key

  • How is it possible to extend docker php image with nodejs?
  • Access Docker socket within container
  • Is it possible to take thread dump of a java process in the container from the host?
  • Docker exposing ports site can't be reached
  • Forward container port set by external service at runtime
  • How to link Node API, Elastic Search and Kafka using Docker
  • Is it possible to skip passphrase somehow?

  • Assign LAN IP address to Docker container different from host's IP address
  • Docker - ERROR: failed to register layer: symlink
  • How do you copy any folder to a Docker container - while the Dockerfile is present in that folder?
  • Jelastic Docker Nginx LoadBalancing with Horizontal Auto Scaling
  • What is the runtime performance cost of a Docker container
  • How do I wait for a pull?
  • 2 Solutions collect form web for “Dockerfile: skip passphrase for private key”

    The passphrase is required to decrypt the key. You can’t “skip” it. You could remove the passphrase on the key using ssh-keygen -p (see the man page for details).

    You may want to investigate the use of a GitHub Deploy Key, which is a per-repository ssh key that grants read-only access to the repository. These are meant to solve exactly the situation you find yourself in: needing to automaticaly deploy software from a GitHub repository that requires authentication.

    Your MY_PRIVATE_KEY seems to be passphrase-protected (a key with an empty passphrase is not the same as a non-encrypted key).

    The key in .ssh/id_rsa is normally not passphrase-protected, instead it is protected by permissions to allow only owner access (0600).

    You can remove the passphrase from your key using OpenSSL like this:

    set MY_PRIVATE_KEY = `echo $MY_PRIVATE_KEY | openssl rsa`

    The contents of id_rsa should look like:

    . . .
    -----END RSA PRIVATE KEY-----
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.