"Error loading certificate" when referencing SSH private key

[lorenzoiuri]

Overview of the Issue

packer validate returns error ssh_private_key_file is invalid: Error loading certificate when using field ssh_private_key_file in source qemu block.

The key file exists. The keypair has been generated from command ssh-keygen -f rsa -t rsa with no passphrase.
Also, ed25519 keys have been tested, with the same packer results.

The private and public key pairs have been tested with commands:

PRIVKEY=rsa
TESTKEY=rsa.pub
diff <( ssh-keygen -y -e -f "$PRIVKEY" ) <( ssh-keygen -y -e -f "$TESTKEY" )

(Source: https://serverfault.com/questions/426394/how-to-check-if-an-rsa-public-private-key-pair-match)

Reproduction Steps

• Download attached archive, uncompress, cd in folder.
• Change èath values for ssh_certificate_file and ssh_private_key_file to reference the ssh keypair file paths in the archive.
• Change fields values iso_url and iso_checksum.
• Run packer validate .

Packer Plugin SDK version

• packer version: v1.11.2
• packer qemu plugin: github.com/hashicorp/qemu 1.1.0

Operating system and Environment details

Ubuntu Linux 24.04. Packer installed manually via binary download.

Log Fragments and crash.log files

Running packer with PACKER_LOG=1 does not add useful information about the key error.

In this repository (https://github.com/hashicorp/packer-plugin-sdk) I found that the string Error loading certificate is only present in file communicator/ssh/ssh.go and is returned after the function ssh.ParseAuthorizedKey, which does not seem to handle private keys but authorized_keys files.

Attachment: packer.zip

Thank you for your support.