Search code examples
sftppower-automatessh-keys

Power Automate SFTP error: Badgateway - Permission denied (publickey)

I have a Power Automate workflow which was working successfully until today. I attempted to rename the connector, which automatically wiped all of the information. I re-entered all of the information, but I am running into an SSH key error.

I have a .ppk file which contains both the public and private keys. Using that .ppk file I am able to successfully connect via FileZilla.

I read that Power Automate does not accept .ppk files, so I took the following steps to generate a new RSA private key:

  • In PuttyGen, I loaded the .ppk file with the correct passphrase
  • In the toolbar I clicked Conversions > Export OpenSSH Key
  • This generated a .pem file that looks something like below:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: xxx-xxxx-xxx,xxxxxxxxxxxxxxx

[key characters]
-----END RSA PRIVATE KEY-----

I have also tried using the Private-Lines section of the .ppk file surrounded by BEGIN/END RSA PRIVATE KEY, with a different error (DER length is '56' and cannot be more than 4 bytes). That key looks like below:

-----BEGIN RSA PRIVATE KEY-----
[copy/paste the private key from the .ppk file]
----END RSA PRIVATE KEY-----

I have been using the devtools to track network traffic, so when I go to save the Connection in Power Automate it gives the error Permission denied (publickey). The parent error message has a status of 502 with the message BadGateway.

I know the key is valid because I am able to connect to it via FileZilla, and the flow was working successfully yesterday. I have seen countless posts online about this same issue, with very little solutions posted. Has anybody else encountered this issue?

Edit: I am including the original .ppk file, with everything sensitive removed.

PuTTY-User-Key-File-3: ssh-rsa
Encryption: aes256-cbc
Comment: rsa-key-20220916
Public-Lines: 6
[public key characters]
Key-Derivation: Argon2id
Argon2-Memory: 8192
Argon2-Passes: 13
Argon2-Parallelism: 1
Argon2-Salt: [hex string]
Private-Lines: 14
[private key characters]
Private-MAC: [hex string]
Solution

  • I managed to find a solution by following this YouTube video. In short, Power Automate only accepts OpenSSH keys, which I stated above. The original .ppk file I used included a passphrase, so I included it in the OpenSSH key generation. However for some reason Power Automate does not like passphrases. Creating an OpenSSH key without a passphrase did the trick. Hopefully this helps somebody in the future.

    So in short, follow these steps:

    • Import the .ppk file to PuttyGen (and input your passphrase when prompted)
    • Remove the passphrase
    • Go to Conversions > Export OpenSSH Key
    • Use that key in Power Automate, and leave the passphrase field blank