Skip to content
Create a gist now

Instantly share code, notes, and snippets.

Embed URL


Subversion checkout URL

You can clone with
Download ZIP
squeezing private SSH key into .travis.yml file
Tricks to add encrypted private SSH key to .travis.yml file
To encrypt the private SSH key into the "-secure: xxxxx....." lines to place in the .travis.yml file, generate a deploy key then run: (to see what the encrypted data looks like, see an example here:
base64 --wrap=0 ~/.ssh/id_rsa > ~/.ssh/id_rsa_base64
ENCRYPTION_FILTER="echo \$(echo \"-\")\$(travis encrypt veewee-community/veewee-push \"\$FILE='\`cat $FILE\`'\" | grep secure:)"
split --bytes=100 --numeric-suffixes --suffix-length=2 --filter="$ENCRYPTION_FILTER" ~/.ssh/id_rsa_base64 id_rsa_
Ha! it takes 30 lines to squeeze it all in.
To reconstitute the private SSH key once running inside Travis: (see example use here:
- echo -n $id_rsa_{00..30} >> ~/.ssh/id_rsa_base64
- base64 --decode --ignore-garbage ~/.ssh/id_rsa_base64 > ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- echo -e "Host\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config

brilliant! thank you


exactly what i was looking for, thanks a lot! :)


+1 thanks alot :)


This is excellent!
It required some significant modification for use on the mac. split, for example, has different options. I created a mac version:


Thanks for sharing this code!

The OS X version on doesn't understand that {00..30} should give 00 01 02..etc and just returns 0 1 2..etc
so the first 10 variables won't get printed to the file, and the key (obviously) doesn't work...

i solved it with a small for-loop combined with printf, also my version works the same on the linux and osx workers


The travis CLI changed a little, has to be travis encrypt -r me/repo now, note the -r.

EDIT: Just noticed that travis now has the ability to encrypt files directly. (see travis encrypt-file)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.