SCP task fails with Ed25519 keys with error "cannot identify EdDSA private key"

XMLWordPrintable

    • 2
    • Severity 2 - Major

      Issue Summary

      The SCP task fails when using Ed25519 (ssh-ed25519) keys with the error "cannot identify EdDSA private key".
      BAM-21903 was fixed in 12.1.3, a new failure now occurs at the private key signature step.

      Steps to Reproduce

      1. Generate an Ed25519 key: ssh-keygen -t ed25519
      2. Configure the Ed25519 private key in Bamboo (Shared Credentials or inline)
      3. Create a deployment project with an SCP task targeting the remote host
      4. Run the deployment

      Expected Results

      File should transfer successfully to remote host

      Actual Results

      The below exception is thrown in the deployment logs:

      19-May-2026 16:22:54	[host: linux-125507.prod.atl-cd.net] Failed to connect to host
19-May-2026 16:22:54	net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods
19-May-2026 16:22:54	        at net.schmizz.sshj.SSHClient.auth(SSHClient.java:230)
19-May-2026 16:22:54	        at net.schmizz.sshj.SSHClient.authPublickey(SSHClient.java:345)
19-May-2026 16:22:54	        at com.atlassian.bamboo.plugins.scp.ScpTask.lambda$execute$7(ScpTask.java:209)
19-May-2026 16:22:54	        at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1768)
19-May-2026 16:22:54	        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
19-May-2026 16:22:54	        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
19-May-2026 16:22:54	        at java.base/java.lang.Thread.run(Thread.java:1583)
19-May-2026 16:22:54	Caused by: net.schmizz.sshj.userauth.UserAuthException: cannot identify EdDSA private key
19-May-2026 16:22:54	        at net.schmizz.sshj.userauth.UserAuthException$1.chain(UserAuthException.java:33)
19-May-2026 16:22:54	        at net.schmizz.sshj.userauth.UserAuthException$1.chain(UserAuthException.java:26)
19-May-2026 16:22:54	        at net.schmizz.concurrent.Promise.deliverError(Promise.java:95)
19-May-2026 16:22:54	        at net.schmizz.sshj.userauth.UserAuthImpl.notifyError(UserAuthImpl.java:157)
19-May-2026 16:22:54	        at net.schmizz.sshj.transport.TransportImpl.die(TransportImpl.java:604)
19-May-2026 16:22:54	        at net.schmizz.sshj.transport.Reader.run(Reader.java:66)
19-May-2026 16:22:54	Caused by: net.schmizz.sshj.common.SSHException: cannot identify EdDSA private key
19-May-2026 16:22:54	        at net.schmizz.sshj.common.SSHException$1.chain(SSHException.java:37)
19-May-2026 16:22:54	        at net.schmizz.sshj.common.SSHException$1.chain(SSHException.java:30)
19-May-2026 16:22:54	        at net.schmizz.sshj.transport.TransportImpl.die(TransportImpl.java:598)
19-May-2026 16:22:54	        ... 1 more
19-May-2026 16:22:54	Caused by: net.schmizz.sshj.common.SSHRuntimeException: cannot identify EdDSA private key
19-May-2026 16:22:54	        at net.schmizz.sshj.signature.AbstractSignature.initSign(AbstractSignature.java:68)
19-May-2026 16:22:54	        at net.schmizz.sshj.userauth.method.KeyedAuthMethod.putSig(KeyedAuthMethod.java:101)
19-May-2026 16:22:54	        at net.schmizz.sshj.userauth.method.AuthPublickey.sendSignedReq(AuthPublickey.java:74)
19-May-2026 16:22:54	        at net.schmizz.sshj.userauth.method.AuthPublickey.handle(AuthPublickey.java:45)
19-May-2026 16:22:54	        at net.schmizz.sshj.userauth.UserAuthImpl.handle(UserAuthImpl.java:143)
19-May-2026 16:22:54	        at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:495)
19-May-2026 16:22:54	        at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:113)
19-May-2026 16:22:54	        at net.schmizz.sshj.transport.Decoder.received(Decoder.java:200)
19-May-2026 16:22:54	        at net.schmizz.sshj.transport.Reader.run(Reader.java:60)
19-May-2026 16:22:54	Caused by: java.security.InvalidKeyException: cannot identify EdDSA private key
19-May-2026 16:22:54	        at org.bouncycastle.jcajce.provider.asymmetric.edec.SignatureSpi.getLwEdDSAKeyPrivate(Unknown Source)
19-May-2026 16:22:54	        at org.bouncycastle.jcajce.provider.asymmetric.edec.SignatureSpi.engineInitSign(Unknown Source)
19-May-2026 16:22:54	        at java.base/java.security.Signature$Delegate.engineInitSign(Signature.java:1306)
19-May-2026 16:22:54	        at java.base/java.security.Signature.initSign(Signature.java:595)
19-May-2026 16:22:54	        at net.schmizz.sshj.signature.AbstractSignature.initSign(AbstractSignature.java:66)
19-May-2026 16:22:54	        ... 8 more
 

      Workaround

      Use RSA keys (ssh-keygen -t rsa -b 4096) instead of Ed25519.

              Assignee:
              Mateusz Szmal
              Reporter:
              Jyothi Charupalli
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: