mirror of
https://gitea.com/actions/appleboy-ssh-action.git
synced 2024-11-25 19:49:36 +01:00
docs: add passphrase example
This commit is contained in:
parent
e5c07fceef
commit
73767290ca
1 changed files with 18 additions and 0 deletions
18
README.md
18
README.md
|
@ -49,6 +49,7 @@ See [action.yml](./action.yml) for more detailed information.
|
||||||
* port - remote port, default is `22`
|
* port - remote port, default is `22`
|
||||||
* username - ssh username
|
* username - ssh username
|
||||||
* password - ssh password
|
* password - ssh password
|
||||||
|
* passphrase - the passphrase is usually to encrypt the private key
|
||||||
* timeout - timeout for ssh to remote host, default is `30s`
|
* timeout - timeout for ssh to remote host, default is `30s`
|
||||||
* command_timeout - timeout for ssh command, default is `10m`
|
* command_timeout - timeout for ssh command, default is `10m`
|
||||||
* key - content of ssh private key. ex raw content of ~/.ssh/id_rsa
|
* key - content of ssh private key. ex raw content of ~/.ssh/id_rsa
|
||||||
|
@ -64,6 +65,7 @@ SSH Proxy Setting:
|
||||||
* proxy_port - proxy port, default is `22`
|
* proxy_port - proxy port, default is `22`
|
||||||
* proxy_username - proxy username
|
* proxy_username - proxy username
|
||||||
* proxy_password - proxy password
|
* proxy_password - proxy password
|
||||||
|
* proxy_passphrase - the passphrase is usually to encrypt the private key
|
||||||
* proxy_timeout - timeout for ssh to proxy host, default is `30s`
|
* proxy_timeout - timeout for ssh to proxy host, default is `30s`
|
||||||
* proxy_key - content of ssh proxy private key.
|
* proxy_key - content of ssh proxy private key.
|
||||||
* proxy_key_path - path of ssh proxy private key
|
* proxy_key_path - path of ssh proxy private key
|
||||||
|
@ -219,3 +221,19 @@ How to convert to YAML format of GitHubActions.
|
||||||
mkdir abc/def
|
mkdir abc/def
|
||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Protecting a Private Key. The purpose of the passphrase is usually to encrypt the private key. This makes the key file by itself useless to an attacker. It is not uncommon for files to leak from backups or decommissioned hardware, and hackers commonly exfiltrate files from compromised systems.
|
||||||
|
|
||||||
|
```diff
|
||||||
|
- name: ssh key passphrase
|
||||||
|
uses: appleboy/ssh-action@master
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
+ passphrase: ${{ secrets.PASSPHRASE }}
|
||||||
|
script: |
|
||||||
|
whoami
|
||||||
|
ls -al
|
||||||
|
```
|
||||||
|
|
Loading…
Reference in a new issue