bad decrypt error message on Deployment

[kashifnaseer]

Deployment was working fine , but suddenly today i started getting this message, any idea what's happening or why I'm getting this error?

/usr/bin/openssl version
OpenSSL 1.1.1 11 Sep 2018
/usr/bin/openssl enc -d -aes-256-cbc -md sha512 -salt -in config/deploy/production_deploy_key -out config/deploy_id_rsa -k *** -a -pbkdf2
bad decrypt
140322642260416:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:564:
Error: Error: The process '/usr/bin/openssl' failed with exit code 1

[miloserdow]

Hi @kashifnaseer!

We changed the the way the key is decrypted because of deprecation warning. You'll need to encrypt a key again, by following Step 4 in readme. Basically, we added -pbkdf2 option to the command used.

I'll pin this issue for better visibility.

[miloserdow]

Yes, just use ***@***.***" or ***@***.***" instead of ***@***.***" in your workflow configuration file.

[rctneil]

Hi,

I'm attempting to set this deployment action up for my small Ruby on Rails site. I am experiencing this error. I have re-encrypted the key but it continues to happen.

I have looked at @miloserdow comment above but really don't understand what it means.

Any ideas on how I can solve this error?

Thanks,
Neil

[miloserdow]

I have looked at @miloserdow comment above but really don't understand what it means.

Hi Neil,

My comment was edited for some reason (maybe Github thought I posted someone's email address?). Also, 1 comment was removed so I don't understand my reply to it either :)

What version of the workflow are you using? You may try miloserdow/capistrano-deploy@master if you haven't already

[rctneil]

Hi,

@miloserdow I was literally just about to come on here to delete my message as I ran the workflow once more and it worked!!!

I'm over the moon that it works. I'm not great at this server stuff but it works. Thankyou so much!

I am using miloserdow/capistrano-deploy@master by the way.

[sprain]

Thanks for this helpful action!

Unfortunately, I still get this error when using miloserdow/capistrano-deploy@master.

/usr/bin/openssl version
OpenSSL 1.1.1f  31 Mar 2020
/usr/bin/openssl enc -d -aes-256-cbc -md sha512 -salt -in deploy/ssh/deploy_id_rsa_enc -out config/deploy_id_rsa -k *** -a -pbkdf2
bad decrypt
140352307471680:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:610:
Error: Error: The process '/usr/bin/openssl' failed with exit code 1

If I execute the shown decrypt command locally with the provided password, it works as expected. The only thing I can find is that locally I have OpenSSL 1.1.1m while on Github it uses OpenSSL 1.1.1f. But I suppose, using the exact same version cannot be a requirement, right?

[mengqing]

Anyone else is having this error?

Getting the same error and unable to complete the step

Run miloserdow/capistrano-deploy@master
/usr/bin/openssl version
OpenSSL 1.1.1f  31 Mar 2020
/usr/bin/openssl enc -d -aes-256-cbc -md sha512 -salt -in .github/config/deploy/staging_enc -out config/deploy_id_rsa -k *** -a -pbkdf2
bad decrypt
140061805679936:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:610:
Error: Error: The process '/usr/bin/openssl' failed with exit code 1

Used same version 1.1.1f to enc the key

Used the same command to decrypt the key locally and it worked