yypan/ssh-action
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: yypan:master
Branches Tags
yypan:master
yypan:git
yypan:testing
yypan:v1.0.1
yypan:v1.0.0
yypan:v0.1.10
yypan:v0.1.9
yypan:v0.1.8
yypan:v0.1.7
yypan:v0.1.6
yypan:v0.1.5
yypan:v0.1.4
yypan:v0.1.3
yypan:v0.1.2
yypan:v0.1.1
yypan:v0.1.0
yypan:v0.0.9
yypan:v0.0.8
yypan:v0.0.7
yypan:v0.0.6
yypan:v0.0.5
yypan:v0.0.4
yypan:v0.0.3
yypan:v0.0.2
yypan:v0.0.1
..
compare: yypan:testing
Branches Tags
yypan:master
yypan:git
yypan:testing
yypan:v1.0.1
yypan:v1.0.0
yypan:v0.1.10
yypan:v0.1.9
yypan:v0.1.8
yypan:v0.1.7
yypan:v0.1.6
yypan:v0.1.5
yypan:v0.1.4
yypan:v0.1.3
yypan:v0.1.2
yypan:v0.1.1
yypan:v0.1.0
yypan:v0.0.9
yypan:v0.0.8
yypan:v0.0.7
yypan:v0.0.6
yypan:v0.0.5
yypan:v0.0.4
yypan:v0.0.3
yypan:v0.0.2
yypan:v0.0.1

3 Commits
master ... testing

Author SHA1 Message Date
Bo-Yi Wu
a8507403de chore: update 2023-03-03 10:06:00 +08:00
Bo-Yi Wu
ae7ad55e72 chore: update 2023-03-03 10:03:18 +08:00
Bo-Yi Wu
2673bdf5f5 chore(CI): Add testing 2023-03-03 10:01:58 +08:00
12 changed files with 374 additions and 714 deletions
Show Stats Expand all files Collapse all files

194
.github/workflows/ci.yml vendored
View File

@ -6,33 +6,14 @@ env:
BAR: "FOO"
jobs:
testing01:
name: default flag testing
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: correct password but wrong key
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
key: "1234"
port: ${{ secrets.PORT }}
script: whoami
- name: wrong password but correct key
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: "abcdef"
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: whoami
- name: executing remote ssh commands using password
uses: ./
with:
@ -62,20 +43,51 @@ jobs:
whoami
ls -al
- name: stop script if command error
# - name: stop script if command error
# if: always()
# uses: ./
# with:
# host: ${{ secrets.HOST }}
# username: ${{ secrets.USERNAME }}
# key: ${{ secrets.KEY }}
# port: ${{ secrets.PORT }}
# script_stop: true
# script: |
# mkdir abc/def
# ls -al
- name: pass environment
uses: ./
continue-on-error: true
env:
FOO: "BAR"
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
sync: true
debug: true
envs: FOO
script: |
mkdir abc/def
ls -al
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
- name: pass multiple environment
uses: ./
env:
FOO: "BAR"
BAR: "FOO"
SHA: ${{ github.sha }}
PORT: ${{ secrets.PORT }}
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
envs: FOO,BAR,SHA,PORT
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
echo "sha: $SHA"
echo "port: $PORT"
- name: ssh key passphrase
uses: ./
@ -137,127 +149,3 @@ jobs:
# key: ${{ secrets.ID_ED25519 }}
# port: ${{ secrets.TUNNEL_PORT }}
# script: whoami
testing02:
name: testing with envs
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: pass environment
uses: ./
env:
FOO: "BAR"
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
envs: FOO
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
- name: pass multiple environment
uses: ./
env:
FOO: "BAR"
BAR: "FOO"
SHA: ${{ github.sha }}
PORT: ${{ secrets.PORT }}
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
envs: FOO,BAR,SHA,PORT
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
echo "sha: $SHA"
echo "port: $PORT"
sh test.sh
- name: custom envs format
uses: ./
env:
FOO: "BAR"
AAA: "BBB"
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
envs: FOO,BAR,AAA
envs_format: export TEST_{NAME}={VALUE}
script: |
echo "I am $TEST_FOO, thanks"
echo "I am $TEST_BAR, thanks"
echo "I am $BAR, thanks"
echo "I am $TEST_AAA, thanks"
- name: pass all ENV variables to script
uses: ./
env:
INPUT_FOO: "BAR"
INPUT_AAA: "BBB"
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
allenvs: true
script: |
echo "I am $INPUT_FOO, thanks"
echo "I am $INPUT_AAA, thanks"
echo "$GITHUB_BASE_REF"
echo "$GITHUB_REF"
testing03:
name: git clone and pull
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: clone private repository
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
script: |
git clone https://appleboy:${{ secrets.TEST_TOKEN }}@github.com/go-training/self-runner.git test_repository
rm -rf test_repository
testing04:
name: docker login and pull
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: login GitHub Container Registry
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
script: |
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u github.actor --password-stdin
- name: login DockerHub Container Registry
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
script: |
echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin

31
.github/workflows/testing.yml vendored Normal file
View File

@ -0,0 +1,31 @@
name: Testing
on:
push:
pull_request:
jobs:
testing:
runs-on: ubuntu-latest
container: golang:1.20-alpine
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: setup sshd server
run: |
apk add git make curl perl bash build-base zlib-dev ucl-dev
make ssh-server
- name: executing remote ssh commands using password
uses: ./
with:
host: 127.0.0.1
username: drone-ssh
password: 1234
port: 22
script: whoami
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3

8
Dockerfile
View File

@ -1,5 +1,5 @@
FROM ghcr.io/appleboy/drone-ssh:1.7.1
FROM appleboy/drone-ssh:1.6.5-linux-amd64
COPY entrypoint.sh /bin/entrypoint.sh
ENTRYPOINT ["/bin/entrypoint.sh"]
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]

15
Makefile Normal file
View File

@ -0,0 +1,15 @@
ssh-server:
adduser -h /home/drone-ssh -s /bin/sh -D -S drone-ssh
echo drone-ssh:1234 | chpasswd
mkdir -p /home/drone-ssh/.ssh
chmod 700 /home/drone-ssh/.ssh
cat tests/.ssh/id_rsa.pub >> /home/drone-ssh/.ssh/authorized_keys
cat tests/.ssh/test.pub >> /home/drone-ssh/.ssh/authorized_keys
chmod 600 /home/drone-ssh/.ssh/authorized_keys
chown -R drone-ssh /home/drone-ssh/.ssh
# install ssh and start server
apk add --update openssh openrc
rm -rf /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key
sed -i 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
sed -i 's/AllowTcpForwarding no/AllowTcpForwarding yes/g' /etc/ssh/sshd_config
./tests/entrypoint.sh /usr/sbin/sshd -D &

136
README.md
View File

@ -1,7 +1,5 @@
# 🚀 SSH for GitHub Actions
[繁體中文](./README.zh-tw.md)
[GitHub Action](https://github.com/features/actions) for executing remote ssh commands.
![ssh workflow](./images/ssh-workflow.png)
@ -10,44 +8,41 @@
**Important**: Only support **Linux** [docker](https://www.docker.com/) container.
This thing is built using [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh). 🚀
## Input variables
See [action.yml](./action.yml) for more detailed information.
| Input Parameter | Description | Default Value |
|-------------------------|-----------------------------------------------------------------|---------------|
| host | SSH host address | |
| port | SSH port number | 22 |
| passphrase | SSH key passphrase | |
| username | SSH username | |
| password | SSH password | |
| sync | Enable synchronous execution if multiple hosts | false |
| use_insecure_cipher | Include more ciphers with use_insecure_cipher | false |
| cipher | Allowed cipher algorithms. If unspecified, a sensible default | |
| timeout | Timeout duration for SSH to host | 30s |
| command_timeout | Timeout duration for SSH command | 10m |
| key | Content of SSH private key. e.g., raw content of ~/.ssh/id_rsa | |
| key_path | Path of SSH private key | |
| fingerprint | SHA256 fingerprint of the host public key | |
| proxy_host | SSH proxy host | |
| proxy_port | SSH proxy port | 22 |
| proxy_username | SSH proxy username | |
| proxy_password | SSH proxy password | |
| proxy_passphrase | SSH proxy key passphrase | |
| proxy_timeout | Timeout for SSH to proxy host | 30s |
| proxy_key | Content of SSH proxy private key | |
| proxy_key_path | Path of SSH proxy private key | |
| proxy_fingerprint | SHA256 fingerprint of the proxy host public key | |
| proxy_cipher | Allowed cipher algorithms for the proxy | |
| proxy_use_insecure_cipher | Include more ciphers with use_insecure_cipher for the proxy | false |
| script | Execute commands | |
| script_stop | Stop script after first failure | false |
| envs | Pass environment variables to shell script | |
| envs_format | Flexible configuration of environment value transfer | |
| debug | Enable debug mode | false |
| allenvs | Pass all environment variables to shell script | false |
* `host` - ssh host
* `port` - ssh port, default is `22`
* `username` - ssh username
* `password` - ssh password
* `passphrase` - the passphrase is usually to encrypt the private key
* `sync` - synchronous execution if multiple hosts, default is false
* `timeout` - timeout for ssh to remote host, default is `30s`
* `command_timeout` - timeout for ssh command, default is `10m`
* `key` - content of ssh private key. ex raw content of ~/.ssh/id_rsa, remember include the BEGIN and END lines
* `key_path` - path of ssh private key
* `fingerprint` - fingerprint SHA256 of the host public key, default is to skip verification
* `script` - execute commands
* `script_stop` - stop script after first failure
* `envs` - pass environment variable to shell script
* `debug` - enable debug mode
* `use_insecure_cipher` - include more ciphers with use_insecure_cipher (see [#56](https://github.com/appleboy/ssh-action/issues/56))
* `cipher` - the allowed cipher algorithms. If unspecified then a sensible
SSH Proxy Setting:
* `proxy_host` - proxy host
* `proxy_port` - proxy port, default is `22`
* `proxy_username` - proxy username
* `proxy_password` - proxy password
* `proxy_passphrase` - the passphrase is usually to encrypt the private key
* `proxy_timeout` - timeout for ssh to proxy host, default is `30s`
* `proxy_key` - content of ssh proxy private key.
* `proxy_key_path` - path of ssh proxy private key
* `proxy_fingerprint` - fingerprint SHA256 of the proxy host public key, default is to skip verification
* `proxy_use_insecure_cipher` - include more ciphers with use_insecure_cipher (see [#56](https://github.com/appleboy/ssh-action/issues/56))
* `proxy_cipher` - the allowed cipher algorithms. If unspecified then a sensible
## Usage
@ -63,7 +58,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@ -90,46 +85,76 @@ Make sure to follow the below steps while creating SSH Keys and using them.
The best practice is create the SSH Keys on local machine not remote machine.
Login with username specified in Github Secrets. Generate a RSA Key-Pair:
### Generate rsa key
<details>
<summary>rsa</summary>
<p>
```bash
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
```
### Generate ed25519 key
</p>
</details>
<details>
<summary>ed25519</summary>
<p>
```bash
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```
</p>
</details>
Add newly generated key into Authorized keys. Read more about authorized keys [here](https://www.ssh.com/ssh/authorized_keys/).
### Add rsa key into Authorized keys
<details>
<summary>rsa</summary>
<p>
```bash
cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
```
### Add ed25519 key into Authorized keys
</p>
</details>
<details>
<summary>ed25519</summary>
<p>
```bash
cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
```
</p>
</details>
Copy Private Key content and paste in Github Secrets.
### Copy rsa Private key
<details>
<summary>rsa</summary>
<p>
```bash
clip < ~/.ssh/id_rsa
```
### Copy ed25519 Private key
</p>
</details>
<details>
<summary>ed25519</summary>
<p>
```bash
clip < ~/.ssh/id_ed25519
```
</p>
</details>
See the detail information about [SSH login without password](http://www.linuxproblem.org/art_9.html).
**A note** from one of our readers: Depending on your version of SSH you might also have to do the following changes:
@ -146,7 +171,8 @@ If you are currently using OpenSSH and are getting the following error:
ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
```
Make sure that your key algorithm of choice is supported. On Ubuntu 20.04 or later you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (which is either `/etc/ssh/sshd_config` or a drop-in file under `/etc/ssh/sshd_config.d/`):
Make sure that your key algorithm of choice is supported. On Ubuntu 20.04 or later you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (which is either `/etc/ssh/sshd_config` or a drop-in file under
`/etc/ssh/sshd_config.d/`):
```bash
CASignatureAlgorithms +ssh-rsa
@ -164,7 +190,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@ -177,7 +203,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@ -190,7 +216,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: multiple command
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@ -207,7 +233,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
with:
- host: "foo.com"
+ host: "foo.com,bar.com"
@ -223,7 +249,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
with:
- host: "foo.com"
+ host: "foo.com:1234,bar.com:5678"
@ -238,7 +264,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
with:
host: "foo.com,bar.com"
+ sync: true
@ -254,7 +280,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: pass environment
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
+ env:
+ FOO: "BAR"
+ BAR: "FOO"
@ -279,7 +305,7 @@ _Inside `env` object, you need to pass every environment variable as a string, p
```diff
- name: stop script if command error
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@ -332,7 +358,7 @@ Host FooServer
```diff
- name: ssh proxy command
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@ -355,7 +381,7 @@ It is not uncommon for files to leak from backups or decommissioned hardware, an
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@ -381,7 +407,7 @@ Now you can adjust you config:
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.1
uses: appleboy/ssh-action@v0.1.6
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}

393
README.zh-tw.md
View File

@ -1,393 +0,0 @@
# 🚀 用於 GitHub Actions 的 SSH
[GitHub Action](https://github.com/features/actions) for executing remote ssh commands.
![ssh workflow](./images/ssh-workflow.png)
[![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions)
**注意** 只支援在 **Linux** [docker](https://www.docker.com/) 容器上執行。
## 輸入變數
更詳細的資訊,請參閱 [action.yml](./action.yml)。
* `host` - SSH 主機
* `port` - SSH 連接埠,預設為 `22`
* `username` - SSH 使用者名稱
* `password` - SSH 密碼
* `passphrase` - 通常用於加密私鑰的 passphrase
* `sync` - 同步執行多個主機上的命令,預設為 false
* `timeout` - SSH 連接到遠端主機的超時時間,預設為 `30s`
* `command_timeout` - SSH 命令超時時間,預設為 10m
* `key` - SSH 私鑰的內容,例如 ~/.ssh/id_rsa 的原始內容,請記得包含 BEGIN 和 END 行
* `key_path` - SSH 私鑰的路徑
* `fingerprint` - 主機公鑰的 SHA256 指紋,預設為略過驗證
* `script` - 執行命令
* `script_stop` - 當出現第一個錯誤時停止執行命令
* `envs` - 傳遞環境變數到 shell script
* `debug` - 啟用偵錯模式
* `use_insecure_cipher` - 使用不安全的密碼ciphers進行加密參見 [#56](https://github.com/appleboy/ssh-action/issues/56)
* `cipher` - 允許使用的密碼ciphers演算法。如果未指定則使用適當的演算法
SSH 代理設置:
* `proxy_host` - 代理主機
* `proxy_port` - 代理端口,預設為 `22`
* `proxy_username` - 代理使用者名稱
* `proxy_password` - 代理密碼
* `proxy_passphrase` - 密碼通常用於加密私有金鑰
* `proxy_timeout` - SSH 連線至代理主機的逾時時間,預設為 `30s`
* `proxy_key` - SSH 代理私有金鑰內容
* `proxy_key_path` - SSH 代理私有金鑰路徑
* `proxy_fingerprint` - 代理主機公鑰的 SHA256 指紋,預設為跳過驗證
* `proxy_use_insecure_cipher` - 使用不安全的加密方式,請參閱 [#56](https://github.com/appleboy/ssh-action/issues/56)
* `proxy_cipher` - 允許的加密算法。如果未指定,則使用合理的算法
## 使用方式
執行遠端 SSH 命令
```yaml
name: remote ssh command
on: [push]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
```
畫面輸出
```sh
======CMD======
whoami
======END======
out: ***
==============================================
✅ Successfully executed commands to all host.
==============================================
```
### 設置 SSH 金鑰
請在創建 SSH 金鑰並使用 SSH 金鑰時遵循以下步驟。最佳做法是在本地機器上創建 SSH 金鑰而不是遠端機器上。請使用 Github Secrets 中指定的用戶名登錄。生成 RSA 金鑰:
### 生成 RSA 金鑰
```bash
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
```
### 生成 ed25519 金鑰
```bash
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```
將新生成的金鑰添加到已授權的金鑰中。詳細了解已授權的金鑰請點擊[此處](https://www.ssh.com/ssh/authorized_keys/).
### 將 RSA 金鑰添加到已授權金鑰中
```bash
cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
```
### 將 ed25519 金鑰添加到已授權金鑰中
```bash
cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
```
複製私鑰內容,然後將其粘貼到 Github Secrets 中。
### 複製 rsa 私鑰內容
```bash
clip < ~/.ssh/id_rsa
```
### 複製 ed25519 私鑰內容
```bash
clip < ~/.ssh/id_ed25519
```
有關無需密碼登錄 SSH 的詳細信息,請[參見該網站](http://www.linuxproblem.org/art_9.html)。
**來自讀者的注意事項** 根據您的 SSH 版本,您可能還需要進行以下更改:
* 將公鑰放在 `.ssh/authorized_keys2`
* 將 `.ssh` 的權限更改為700
* 將 `.ssh/authorized_keys2` 的權限更改為640
### 如果你使用的是 OpenSSH
如果您正在使用 OpenSSH並出現以下錯誤
```bash
ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
```
請確保您所選擇的密鑰演算法得到支援。在 Ubuntu 20.04 或更高版本上,您必須明確允許使用 SSH-RSA 演算法。請在 OpenSSH 守護進程文件中添加以下行(它可以是 `/etc/ssh/sshd_config``/etc/ssh/sshd_config.d/` 中的一個附著文件):
```bash
CASignatureAlgorithms +ssh-rsa
```
或者,`Ed25519` 密鑰在 OpenSSH 中默認被接受。如果需要,您可以使用它來替代 RSA。
```bash
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```
### Example
#### 使用密碼執行遠端 SSH 命令
```yaml
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
```
#### 使用私鑰
```yaml
- name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v1.0.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: whoami
```
#### 多個命令
```yaml
- name: multiple command
uses: appleboy/ssh-action@v1.0.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: |
whoami
ls -al
```
![result](./images/output-result.png)
#### 多台主機
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.1
with:
- host: "foo.com"
+ host: "foo.com,bar.com"
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: |
whoami
ls -al
```
#### 多個不同端口的主機
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.1
with:
- host: "foo.com"
+ host: "foo.com:1234,bar.com:5678"
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
script: |
whoami
ls -al
```
#### 在多個主機上同步執行
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.1
with:
host: "foo.com,bar.com"
+ sync: true
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: |
whoami
ls -al
```
#### 將環境變量傳遞到 Shell 腳本
```diff
- name: pass environment
uses: appleboy/ssh-action@v1.0.1
+ env:
+ FOO: "BAR"
+ BAR: "FOO"
+ SHA: ${{ github.sha }}
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ envs: FOO,BAR,SHA
script: |
echo "I am $FOO"
echo "I am $BAR"
echo "sha: $SHA"
```
_在 `env` 對象中,您需要將每個環境變量作為字符串傳遞,傳遞 `Integer` 數據類型或任何其他類型可能會產生意外結果。_
#### 在第一次失敗後停止腳本
> ex: missing `abc` folder
```diff
- name: stop script if command error
uses: appleboy/ssh-action@v1.0.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ script_stop: true
script: |
mkdir abc/def
ls -al
```
畫面輸出:
```sh
======CMD======
mkdir abc/def
ls -al
======END======
2019/11/21 01:16:21 Process exited with status 1
err: mkdir: cannot create directory abc/def: No such file or directory
##[error]Docker run failed with exit code 1
```
#### 如何使用 `ProxyCommand` 連接遠程服務器?
```bash
+--------+ +----------+ +-----------+
| Laptop | <--> | Jumphost | <--> | FooServer |
+--------+ +----------+ +-----------+
```
在您的 `~/.ssh/config` 文件中,您會看到以下內容。
```bash
Host Jumphost
HostName Jumphost
User ubuntu
Port 22
IdentityFile ~/.ssh/keys/jump_host.pem
Host FooServer
HostName FooServer
User ubuntu
Port 22
ProxyCommand ssh -q -W %h:%p Jumphost
```
#### 如何將其轉換為 GitHubActions 的 YAML 格式?
```diff
- name: ssh proxy command
uses: appleboy/ssh-action@v1.0.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ proxy_host: ${{ secrets.PROXY_HOST }}
+ proxy_username: ${{ secrets.PROXY_USERNAME }}
+ proxy_key: ${{ secrets.PROXY_KEY }}
+ proxy_port: ${{ secrets.PROXY_PORT }}
script: |
mkdir abc/def
ls -al
```
#### 如何保護私鑰?
密碼短語通常用於加密私鑰。這使得攻擊者無法單獨使用密鑰文件。文件泄露可能來自備份或停用的硬件,黑客通常可以從受攻擊系統中洩露文件。因此,保護私鑰非常重要。
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ passphrase: ${{ secrets.PASSPHRASE }}
script: |
whoami
ls -al
```
#### 使用主機指紋驗證
設置 SSH 主機指紋驗證可以幫助防止中間人攻擊。在設置之前,運行以下命令以獲取 SSH 主機指紋。請記得將 `ed25519` 替換為您的適當金鑰類型(`rsa`、 `dsa`等),而 `example.com` 則替換為您的主機。
現代 OpenSSH 版本中需要提取的_默認金鑰_類型是 `rsa`(從版本 5.1 開始)、`ecdsa`(從版本 6.0 開始)和 `ed25519`(從版本 6.7 開始)。
```sh
ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2
```
現在您可以調整您的配置:
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ fingerprint: ${{ secrets.FINGERPRINT }}
script: |
whoami
ls -al
```
## 貢獻
我們非常希望您為 `appleboy/ssh-action` 做出貢獻,歡迎提交請求!
## 授權方式
本項目中的腳本和文檔采用 [MIT](LICENSE) 許可證 發布。

69
action.yml
View File

@ -3,70 +3,71 @@ description: 'Executing remote ssh commands'
author: 'Bo-Yi Wu'
inputs:
host:
description: 'SSH host address.'
description: 'ssh host'
port:
description: 'SSH port number.'
default: "22"
description: 'ssh port'
default: 22
passphrase:
description: 'Passphrase for the SSH key.'
description: 'ssh key passphrase'
username:
description: 'SSH username.'
description: 'ssh username'
password:
description: 'SSH password.'
description: 'ssh password'
sync:
description: 'Enable synchronous execution if multiple hosts are involved.'
description: 'synchronous execution if multiple hosts'
default: false
use_insecure_cipher:
description: 'Include more ciphers by using insecure ciphers.'
description: 'include more ciphers with use_insecure_cipher'
default: false
cipher:
description: 'Allowed cipher algorithms. If unspecified, a sensible default is used.'
description: 'the allowed cipher algorithms. If unspecified then a sensible'
timeout:
description: 'Timeout duration for establishing SSH connection to the host.'
description: 'timeout for ssh to host'
default: "30s"
command_timeout:
description: 'Timeout duration for SSH commands execution.'
description: 'timeout for ssh command'
default: "10m"
key:
description: 'Content of the SSH private key. For example, the raw content of ~/.ssh/id_rsa.'
description: 'content of ssh private key. ex raw content of ~/.ssh/id_rsa'
key_path:
description: 'Path to the SSH private key file.'
description: 'path of ssh private key'
fingerprint:
description: 'SHA256 fingerprint of the host public key.'
description: 'sha256 fingerprint of the host public key'
proxy_host:
description: 'SSH proxy host address.'
description: 'ssh proxy host'
proxy_port:
description: 'SSH proxy port number.'
default: "22"
description: 'ssh proxy port'
default: 22
proxy_username:
description: 'SSH proxy username.'
description: 'ssh proxy username'
proxy_password:
description: 'SSH proxy password.'
description: 'ssh proxy password'
proxy_passphrase:
description: 'SSH proxy key passphrase.'
description: 'ssh proxy key passphrase'
proxy_timeout:
description: 'Timeout duration for establishing SSH connection to the proxy host.'
description: 'timeout for ssh to proxy host'
default: "30s"
proxy_key:
description: 'Content of the SSH proxy private key. For example, the raw content of ~/.ssh/id_rsa.'
description: 'content of ssh proxy private key. ex raw content of ~/.ssh/id_rsa'
proxy_key_path:
description: 'Path to the SSH proxy private key file.'
description: 'path of ssh proxy private key'
proxy_fingerprint:
description: 'SHA256 fingerprint of the proxy host public key.'
description: 'sha256 fingerprint of the proxy host public key'
proxy_cipher:
description: 'Allowed cipher algorithms for the proxy. If unspecified, a sensible default is used.'
description: 'the allowed cipher algorithms. If unspecified then a sensible'
proxy_use_insecure_cipher:
description: 'Include more ciphers for the proxy by using insecure ciphers.'
description: 'include more ciphers with use_insecure_cipher'
default: false
script:
description: 'Commands to be executed.'
description: 'execute commands'
script_stop:
description: 'Stop the script after the first failure.'
description: 'stop script after first failure'
default: false
envs:
description: 'Environment variables to be passed to the shell script.'
envs_format:
description: 'Flexible configuration for environment value transfer.'
description: 'pass environment variable to shell script'
debug:
description: 'Enable debug mode.'
allenvs:
description: 'pass all environment variable to shell script.'
description: 'enable debug mode'
default: false
runs:
using: 'docker'
image: 'Dockerfile'

27
tests/.ssh/id_rsa Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA4e2D/qPN08pzTac+a8ZmlP1ziJOXk45CynMPtva0rtK/RB26
VbfAF0hIJji7ltvnYnqCU9oFfvEM33cTn7T96+od8ib/Vz25YU8ZbstqtIskPuwC
bv3K0mAHgsviJyRD7yM+QKTbBQEgbGuW6gtbMKhiYfiIB4Dyj7AdS/fk3v26wDgz
7SHI5OBqu9bv1KhxQYdFEnU3PAtAqeccgzNpbH3eYLyGzuUxEIJlhpZ/uU2G9ppj
/cSrONVPiI8Ahi4RrlZjmP5l57/sq1ClGulyLpFcMw68kP5FikyqHpHJHRBNgU57
1y0Ph33SjBbs0haCIAcmreWEhGe+/OXnJe6VUQIDAQABAoIBAH97emORIm9DaVSD
7mD6DqA7c5m5Tmpgd6eszU08YC/Vkz9oVuBPUwDQNIX8tT0m0KVs42VVPIyoj874
bgZMJoucC1G8V5Bur9AMxhkShx9g9A7dNXJTmsKilRpk2TOk7wBdLp9jZoKoZBdJ
jlp6FfaazQjjKD6zsCsMATwAoRCBpBNsmT6QDN0n0bIgY0tE6YGQaDdka0dAv68G
R0VZrcJ9voT6+f+rgJLoojn2DAu6iXaM99Gv8FK91YCymbQlXXgrk6CyS0IHexN7
V7a3k767KnRbrkqd3o6JyNun/CrUjQwHs1IQH34tvkWScbseRaFehcAm6mLT93RP
muauvMECgYEA9AXGtfDMse0FhvDPZx4mx8x+vcfsLvDHcDLkf/lbyPpu97C27b/z
ia07bu5TAXesUZrWZtKA5KeRE5doQSdTOv1N28BEr8ZwzDJwfn0DPUYUOxsN2iIy
MheO5A45Ko7bjKJVkZ61Mb1UxtqCTF9mqu9R3PBdJGthWOd+HUvF460CgYEA7QRf
Z8+vpGA+eSuu29e0xgRKnRzed5zXYpcI4aERc3JzBgO4Z0er9G8l66OWVGdMfpe6
CBajC5ToIiT8zqoYxXwqJgN+glir4gJe3mm8J703QfArZiQrdk0NTi5bY7+vLLG/
knTrtpdsKih6r3kjhuPPaAsIwmMxIydFvATKjLUCgYEAh/y4EihRSk5WKC8GxeZt
oiZ58vT4z+fqnMIfyJmD5up48JuQNcokw/LADj/ODiFM7GUnWkGxBrvDA3H67WQm
49bJjs8E+BfUQFdTjYnJRlpJZ+7Zt1gbNQMf5ENw5CCchTDqEq6pN0DVf8PBnSIF
KvkXW9KvdV5J76uCAn15mDkCgYA1y8dHzbjlCz9Cy2pt1aDfTPwOew33gi7U3skS
RTerx29aDyAcuQTLfyrROBkX4TZYiWGdEl5Bc7PYhCKpWawzrsH2TNa7CRtCOh2E
R+V/84+GNNf04ALJYCXD9/ugQVKmR1XfDRCvKeFQFE38Y/dvV2etCswbKt5tRy2p
xkCe/QKBgQCkLqafD4S20YHf6WTp3jp/4H/qEy2X2a8gdVVBi1uKkGDXr0n+AoVU
ib4KbP5ovZlrjL++akMQ7V2fHzuQIFWnCkDA5c2ZAqzlM+ZN+HRG7gWur7Bt4XH1
7XC9wlRna4b3Ln8ew3q1ZcBjXwD4ppbTlmwAfQIaZTGJUgQbdsO9YA==
-----END RSA PRIVATE KEY-----

1
tests/.ssh/id_rsa.pub Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDh7YP+o83TynNNpz5rxmaU/XOIk5eTjkLKcw+29rSu0r9EHbpVt8AXSEgmOLuW2+dieoJT2gV+8QzfdxOftP3r6h3yJv9XPblhTxluy2q0iyQ+7AJu/crSYAeCy+InJEPvIz5ApNsFASBsa5bqC1swqGJh+IgHgPKPsB1L9+Te/brAODPtIcjk4Gq71u/UqHFBh0USdTc8C0Cp5xyDM2lsfd5gvIbO5TEQgmWGln+5TYb2mmP9xKs41U+IjwCGLhGuVmOY/mXnv+yrUKUa6XIukVwzDryQ/kWKTKoekckdEE2BTnvXLQ+HfdKMFuzSFoIgByat5YSEZ7785ecl7pVR drone-scp@localhost

50
tests/.ssh/test Normal file
View File

@ -0,0 +1,50 @@
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAgX0UT5U
dbd5qk/WLiRyDeAAAAEAAAAAEAAAIXAAAAB3NzaC1yc2EAAAADAQABAAACAQDojzlRtxSq
AaOGaPHwCSRlsw870qwpc55W5AxlcOsbFZdtSwZ/dESBu5ql3dLsTB7WcqXoaA7Qp3w5GV
RcFxn+5r2dL17MPe3zZrLNZulbnkXiaVgYLjWa0cAv9zD+0nR8/mtz2DbkpKCD8R3oLJ2B
z5oscT2XLcPvIKZlw2eBErpSopLxfpPyhU8WNK9E38mUl2tjtiBVIoIJmtgYWY8XmIpEUR
iiRjPidBJUVmLq9kKdUV62V/pMB2UDzqPJUiuABgzh8/9/qM81uMCwyqULzaVhPE+S9P7L
dv1Npj5nqwOmUcGj0dhofi+F+qZ8WqGkQJ5JPam0LkGuMKGNJywrxo8XTXSpYCUvbKrTWo
0/1GNLCcHpIcjhUUJGObOMk1YI0Tu52PGpzDf1kI+zzAgPqWxxzegQdLcPIgm4I6x6S48E
V13THoAoU5T+rLrhE0i6FokGIwKv4SycDtFCvIdOr1jxJpw0CrKHqMG/kzeljtM1HOojD5
gHwESwwsZL5P5/IWvnZlGZD0fAp/SPWpZIeMTeH12QANxX69RoQfKLRMYWSabDUvGKkIxQ
CBaoVOmyVQIqyT5wTZ3msfGVLb729TlZcNo+8snG0k2W9skdlahx1TugzE096P+RzjUfov
6g1NZKHCN8VSeu4+gmPIEiuN3tt99dKDNBMx/QYLfPpwAAB1DxxEspVRHEF4mTxw4+hFhe
855+u3ffHmjgrK7IWZqrrze8bayRAVKPK7UMux4ZCOccc1ydtJFGUrZw8Q5gMe+Y+TusXE
WB7LWZK5an/WrEVe1jNgxwrQKjXauKtTY33CFnnTvdE8dUixHr3AddYq1gQ4WcB7v08sj6
f8V4yf80u294H5pjYxFMmTu4QldphV/mZcPQCyuzZKmkPLK2TzZWqGk615zJDd/W8Inm1c
IJTQPH4tIA3X3daThxOMLC3eQXC2rvl7qaSz2k8ok7LnND8GrTU0CnE6XUMNjRjlxXO+6n
XGVILifwk+bdLlE6aPIqhSuwx/TnbzHwj8DYnd5/Da/KdXpbc4T+925w6til98lyfRICol
So6gXace2IK33LKEAaEIr3im+ZFgSIvWZdPu/ZPV7nlNcb/rbMsRF6fKAMFA/kpPr4z5tQ
0pMJYfUmPCMdP7ahZ3km/Cpmee/VQ07s11myA2XeaEPov6yNrHJJtnAp5wsZ5s6ifLmoyl
WEPKt8YoIIDib44ANoyhgf6+PA2i+367p5U55ynI6HTXOdB/xWqJ7k4Rah4BSbd1t73wyU
kh04/9+YGDabwup7WzT07S7b+T5tGKAwMwK0cE/y5RyVI5JwT2b7fvbO6YH9ZFaNOMT+e0
jBpsrEDkdqnVaFU5b6yWO4Gw6I4Myw+ByATlPM6rmAQoOgfmQmoI47UiTYPr4bLvB7w02B
yQb2AxWDFdCJadZDTpFp5E5mXudt3JnfnKpR+9zDud4AahEU63ggJn0gpd51zRtqrTViob
qnZ9UtMl9dzGReZFInS6Uq6ge4JJlsxhEVREr/RPUa4NldT7nRMnfxlnwiVcgrdNdeL2Ho
5azXYMsDsACBR9rmz6h7JOpM/oyupbyitGtJMiBrR20UD264L4zZIBU4d6MXQADdOo+oKE
OofB9Zj9ovIAGzb9SNAh7vEXE0X6C/EdRNI/DOlca15bd33r+HgKTIONqTws2wThLnSx1r
W0voqE6SnhUhQ1FovxtBFYE1Ve8HR7BGyO6AJGQOpqivLry7W1BJyOiwSJ+DDUmcrnCyqJ
IoDc9pHQ/9hBlJz2qeBNaSdwMZWKkTCnIYq1f8FAKdRqujFx81toUZw7Lb03JmKZBlALvU
PvXcfxCDqSVy66SHVEtGvegFCeo0gQJS0BywQkushDVSoqGQppVoICNtyuzaMzpzkWj5tP
iYJzm5VBDucWkCmmqzFVVVdeX4Vd5crQ08ZeuHHOAL61bKde7ji1XnvlmllpByeHA5uPef
mGmgf/A1fM3MqioWW/C/Beffe5tJDKxoG7lavIg7F83c48wk+SeJ+2twNMySu1PDYmlRvb
VUdy1LtjutFtvySYBDHTFUOkvTOCX01gMTaB8HhaZAA+cjt91jrdKkKBh8spQHg1En/oaR
rmuqMWuMadxKIlzUBWLkAme78ce0SbpnGmBG1jz6kbjF3ZWWFJVj+3DHwE9dydfX4gCKT8
iV3IuifJLGtmaQO5AgpquMWYKsdOI+HCsWN2+YngqScmfokMSR4bn8DmcLNVYzzNkfo2/o
Oc/ZHtSJlXsY/5el+Bg4FBsvX3akyz32KJ9azsexjMFQl6dt5e6qAeV7kGKic8uaqXhWYW
l/sKzuqXVqVP8QwfipH+SZB3b71canc2mnC3+eXroSgG9yYneGzxfP4ppABGRu/hSyLaaq
tGyqgelrCXKSiWQs/Vgj46zEAoeIvLW9/NwnPkV3r499Ieh7kqMl2iZzpBXqab2ip6yt0+
9GQuBwb3YNj7HO/a2YU0aMJrs6YofOa6/0h4ZvLYe6ndzDAAFIlUmqGiHUnjnDtChaUZLX
E+9a8GkASVSizvMEpo/71uzOhn3Ta9ixDBqDQgA1DD0p3ko4bq7nYTNIfqghpJW2yTb8Sq
Fw9yuZ7WRcS/SNmsVxCN8UsimixI4uugKgiU+YWLdZrlaQk7yCRUZ4Drris4FBW55AjVJ8
nz3suOA+nh8JK0DN99hE9EAtgtMc1oKb76te1VCtd5tUfjN13qq5SvHMQp/dn+y+aVSIEg
KrvhXVwxyncL7AC04yK0TJHVk83vXCK6hyFnPeFBPhY0yUtq1smWLrjotaW8ZRLMKG6Kz/
cD69lsCnhFATfbBmKh6mRrBUaZV3nvZKKojJGnTguOQZodg0EEx/XR+aXFmJfKzyo4wdfK
OQR/HeDLS+X1tAzEkZl3QtAgeNWwngXlov3wJgg0R5X4scJZlG9ns7UNrJG2D9E4LTLMvZ
W1d9tnqAJprUdR9vvqUXGgbndzV+MuV/gY52jt2p7gvscBFVwLLuH7eTarrvqfBPAx+I33
V79GEkDdc9rCpA6BGDEJGr/Xcpx2tDiSqLc8vELfpruROx4T4PuPZvKqqcvHNNUYUQi1+y
7quwL7RgZj+i5hXGTRQ5Y+YfVYY+7sNgUxQpS5pC64s7bvwB0pHjgjn1KTXuyroPkV6pWA
FfFEk1ETJhXcl7plxpmcLROyI=
-----END OPENSSH PRIVATE KEY-----

1
tests/.ssh/test.pub Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDojzlRtxSqAaOGaPHwCSRlsw870qwpc55W5AxlcOsbFZdtSwZ/dESBu5ql3dLsTB7WcqXoaA7Qp3w5GVRcFxn+5r2dL17MPe3zZrLNZulbnkXiaVgYLjWa0cAv9zD+0nR8/mtz2DbkpKCD8R3oLJ2Bz5oscT2XLcPvIKZlw2eBErpSopLxfpPyhU8WNK9E38mUl2tjtiBVIoIJmtgYWY8XmIpEURiiRjPidBJUVmLq9kKdUV62V/pMB2UDzqPJUiuABgzh8/9/qM81uMCwyqULzaVhPE+S9P7Ldv1Npj5nqwOmUcGj0dhofi+F+qZ8WqGkQJ5JPam0LkGuMKGNJywrxo8XTXSpYCUvbKrTWo0/1GNLCcHpIcjhUUJGObOMk1YI0Tu52PGpzDf1kI+zzAgPqWxxzegQdLcPIgm4I6x6S48EV13THoAoU5T+rLrhE0i6FokGIwKv4SycDtFCvIdOr1jxJpw0CrKHqMG/kzeljtM1HOojD5gHwESwwsZL5P5/IWvnZlGZD0fAp/SPWpZIeMTeH12QANxX69RoQfKLRMYWSabDUvGKkIxQCBaoVOmyVQIqyT5wTZ3msfGVLb729TlZcNo+8snG0k2W9skdlahx1TugzE096P+RzjUfov6g1NZKHCN8VSeu4+gmPIEiuN3tt99dKDNBMx/QYLfPpw== deploy@easyssh

13
tests/entrypoint.sh Executable file
View File

@ -0,0 +1,13 @@
#!/bin/sh
if [ ! -f "/etc/ssh/ssh_host_rsa_key" ]; then
# generate fresh rsa key
ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa
fi
if [ ! -f "/etc/ssh/ssh_host_dsa_key" ]; then
# generate fresh dsa key
ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa
fi
exec "$@"