To send RSA private keys to instances, store them in encrypted data bags. The data bag item is a JSON file that contains keys and values inline.
Use base64 encoding
Base64 encoding converts binary data to ASCII format to represent special characters, like line breaks as ASCII text. The result will be larger, 8 / 6th of the original size, as every 8 bit ASCII character only represents 6 bits of data.
To convert a file to base 64 and save it as another file
cat test.pem | base64 > test.pem.base64
If we need the result on the computer’s clipboard to paste it into a field on the screen
cat test.pem | base64 | pbcopy
To use the encoded string we need to decode it in the Chef cookbook.
Replace the newline characters with \n
To place the multi-line RSA key into the value part of the JSON file, we need to replace the new line characters with the “\n” text.
In Atom
on Mac and Windows
- Open the RSA key file in Atom,
- Press Command-F on Mac, Ctrl-F on Windows to open the Find and Replace window,
- On the right side click the Use Regex button,
- In the search field enter
\r\n
- In the replace with field enter
\\n
- Press the Replace All button
In Visual Studio Code
on Mac and Windows
- Press Command-F on Mac, Ctrl-F on Windows to open the Find dialog
- Select the Use Regular Expression button
- Enter \n into the find, \\n into the replace field
In Notepad++
on Windows
- Open the RSA key file in Notepad++,
- In the Search menu select Replace…,
- Select Extended mode in the Search Mode section,
- Enter \r\n to the Find what text box ( if the key was generated on a Windows computer using GitBash, search for \n )
- Enter \\n to the Replace with text box
- Press the Replace All button
You can place the single line key into any encrypted Data Bag file. See Data Bags on Data Bag encryption.