Description
Thank you for this great job!
If the playbook uses an RSA key in pem-format, it passes validation normally at this point:
If re.match('^-----BEGIN ((EC|RSA) )?PRIVATE KEY-----$', lines[0]) and re.match'^-----END ((EC|RSA) )?PRIVATE KEY-----$', lines[-1]):
But if this key is encoded in base 64, it will not pass validation here:
elif not re.match('LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0t', key):
If we encode -----BEGIN PRIVATE KEY----- in base64, we get LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0t, which is what the validation says
But if we encode -----BEGIN RSA PRIVATE KEY-----, we get LS0tLS1CRUdJTiBSU0EgUFJJJVkFURSBLRVktLS0tLQ==, and at this point the playbook crashes into an error:
fatal: [GW1]: FAILED! => { “changed”: false, “msg”: “Could not recognize key format: ********”}