mirror of
https://github.com/appleboy/scp-action.git
synced 2024-11-23 23:55:09 +08:00
chore: Add passphrase
This commit is contained in:
parent
193fd4eaa9
commit
6c5771fab8
16
README.md
16
README.md
@ -39,6 +39,7 @@ see the [action.yml](./action.yml) file for more detail imformation.
|
||||
* port - scp remote port, default is `22`
|
||||
* username - scp username
|
||||
* password - scp password
|
||||
* passphrase - the passphrase is usually to encrypt the private key
|
||||
* timeout - timeout for ssh to remote host, default is `30s`
|
||||
* command_timeout - timeout for scp command, default is `10m`
|
||||
* key - content of ssh private key. ex raw content of ~/.ssh/id_rsa
|
||||
@ -141,3 +142,18 @@ foobar
|
||||
├── a.txt
|
||||
└── b.txt
|
||||
```
|
||||
|
||||
Protecting a Private Key. The purpose of the passphrase is usually to encrypt the private key. This makes the key file by itself useless to an attacker. It is not uncommon for files to leak from backups or decommissioned hardware, and hackers commonly exfiltrate files from compromised systems.
|
||||
|
||||
```diff
|
||||
- name: ssh key with passphrase
|
||||
uses: appleboy/scp-action@master
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
key: ${{ secrets.SSH2 }}
|
||||
+ passphrase: ${{ secrets.PASSPHRASE }}
|
||||
port: ${{ secrets.PORT }}
|
||||
source: "tests/a.txt,tests/b.txt"
|
||||
target: "test"
|
||||
```
|
||||
|
@ -21,6 +21,8 @@ inputs:
|
||||
description: 'content of ssh private key. ex raw content of ~/.ssh/id_rsa'
|
||||
key_path:
|
||||
description: 'path of ssh private key'
|
||||
passphrase:
|
||||
description: 'ssh key passphrase'
|
||||
target:
|
||||
description: 'target path on the server'
|
||||
source:
|
||||
|
Loading…
Reference in New Issue
Block a user