Foreman prints instructions for how to generate a SSH keypair for Remote Execution, something like ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa_foreman_proxy -N '', iirc.
With ssh-keygen from OpenSSH 7.8 this will result in a private key file that current version of NET::SSH can’t read.
First NET::SSH will tell you to install the ed25519 Gem, and if you do that, you’ll get a cryptic error message like expected 64-byte string but got 3.
The reason is this bug: https://github.com/net-ssh/net-ssh/issues/633
A workaround is to add “-m PEM” to the ssh-keygen invocation, or to use “-t ed25519” instead of “-t rsa”.