Skip to content

Instantly share code, notes, and snippets.

View dlenski's full-sized avatar

Dan Lenski dlenski

View GitHub Profile
@dlenski
dlenski / gist:3adcdd3dd5ed897a8e8c4f172726aaca
Created January 20, 2018 03:23 — forked from kzap/gist:5819745
If you want to give only Travis-CI access to a private key or secret file in your repository, you will need to encrypt it, but rather than storing the entire encrypted file in an environment variable, just store the a secret password in a secure environment variable that you will use to encrypt and decrypt your private key file. The encryption o…
# generate your private key, put the public key on the server you will be connecting to
ssh-keygen -t rsa -f ./my_key
# generate the password/secret you will store encrypted in the .travis.yml and use to encrypt your private key
cat /dev/urandom | head -c 10000 | openssl sha1 > ./secret
# encrypt your private key using your secret password
openssl aes-256-cbc -pass "file:./secret" -in ./my_key -out ./my_key.enc -a
# download your Travis-CI public key via the API. eg: https://api.travis-ci.org/repos/travis-ci/travis-ci/key