Serialize SSH and RSA private keys to store them in a Chef Data Bag

To send RSA private keys to instances, store them in encrypted data bags. The data bag item is a JSON file that contains keys and values.

To place the multi-line RSA key into the value part of the JSON file, we need to replace the newline characters with the two-character sequence "\n".

On Macintosh

We will use Atom to do the replacement:

  1. Open the RSA key file in Atom,
  2. Press Command F to open the Find and Replace window,
  3. On the right side click the Use Regex button,
  4. In the search field enter
    \r\n
  5. In the replace with field enter
    \\n
  6. Press the Replace All button

On Windows

We can use Notepad++ to do the replacement:

  • Open the RSA key file in Notepad++,
  • In the Search menu select Replace…,
  • Select Extended mode in the Search Mode section,
  • Enter \r\n in the Find what text box,
  • Enter * (star) in the Replace with text box,
  • Press the Replace All button

  • Select Normal in the Search Mode section,
  • Enter * (star) in the Find what text box,
  • Enter \n in the Replace with text box,
  • Press the Replace All button

You can place the single-line key into any encrypted Data Bag file. See Data Bags for details on Data Bag encryption.
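
The same conversion can be scripted instead of done by hand in an editor. The Ruby sketch below is an added example, not part of the original page: it normalizes CRLF or LF line endings, lets the JSON library escape the newlines, and parses the item back to confirm the key survives the round trip. The item id `deploy_key`, the field name `private_key` and the placeholder key body are assumptions made for the example.

```ruby
require 'json'

# Constructed sample: PEM-shaped text with Windows (CRLF) line endings.
# The body is placeholder text, not a real key.
SAMPLE_PEM = [
  '-----BEGIN RSA PRIVATE KEY-----',
  'CONSTRUCTED+PLACEHOLDER+BODY+NOT+A+REAL+KEY',
  'CONSTRUCTED+PLACEHOLDER+BODY+NOT+A+REAL+KEY',
  '-----END RSA PRIVATE KEY-----',
  ''
].join("\r\n")

# Normalize CRLF and bare CR to LF so the same code handles key files
# saved on Windows, macOS or Linux.
def normalize_newlines(pem)
  pem.gsub(/\r\n?/, "\n")
end

# Build the data bag item as one line of JSON. JSON.generate escapes
# every newline as the two characters \n, the same result the manual
# find-and-replace produces. The item id and the "private_key" field
# name are hypothetical; a data bag item needs an "id" key.
def data_bag_item_json(pem, item_id: 'deploy_key')
  JSON.generate('id' => item_id, 'private_key' => normalize_newlines(pem))
end

# Parse the item back and return the restored multi-line key.
def restore_key(item_json)
  JSON.parse(item_json).fetch('private_key')
end

if __FILE__ == $PROGRAM_NAME
  json = data_bag_item_json(SAMPLE_PEM)
  puts json               # single-line JSON item
  puts restore_key(json)  # multi-line key, LF line endings
end
```

The generated JSON is the plain item; it still has to be stored as an encrypted data bag item as described above.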