public
Last active

squeezing private SSH key into .travis.yml file

  • Download Gist
gistfile1.txt
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
Tricks to add encrypted private SSH key to .travis.yml file
 
 
To encrypt the private SSH key into the "-secure: xxxxx....." lines to place in the .travis.yml file, generate a deploy key then run: (to see what the encrypted data looks like, see an example here: https://github.com/veewee-community/veewee-push/blob/486102e6f508214b04414074c921475e5943f682/.travis.yml#L21
 
base64 --wrap=0 ~/.ssh/id_rsa > ~/.ssh/id_rsa_base64
ENCRYPTION_FILTER="echo \$(echo \"-\")\$(travis encrypt veewee-community/veewee-push \"\$FILE='\`cat $FILE\`'\" | grep secure:)"
split --bytes=100 --numeric-suffixes --suffix-length=2 --filter="$ENCRYPTION_FILTER" ~/.ssh/id_rsa_base64 id_rsa_
 
 
Ha! it takes 30 lines to squeeze it all in.
 
 
To reconstitute the private SSH key once running inside Travis: (see example use here: https://github.com/veewee-community/veewee-push/blob/486102e6f508214b04414074c921475e5943f682/.travis.yml#L13)
 
- echo -n $id_rsa_{00..30} >> ~/.ssh/id_rsa_base64
- base64 --decode --ignore-garbage ~/.ssh/id_rsa_base64 > ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- echo -e "Host github.com\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config

exactly what i was looking for, thanks a lot! :)

+1 thanks alot :)

This is excellent!
It required some significant modification for use on the mac. split, for example, has different options. I created a mac version:

https://gist.github.com/davestern/9377538

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.