Skip to content

Instantly share code, notes, and snippets.

@floydpink
Forked from lukewpatterson/gist:4242707
Last active March 6, 2021 22:18
Show Gist options
  • Save floydpink/4631240 to your computer and use it in GitHub Desktop.
Save floydpink/4631240 to your computer and use it in GitHub Desktop.
Generating secure environment variables for GitHub deployment keys to be used from a Travis-CI build.
# On a Mac, use this script to generate secure deployment key
# To generate secure SSH deploy key for a github repo to be used from Travis
base64 --break=0 ~/.ssh/id_rsa_deploy > ~/.ssh/id_rsa_deploy_base64
ENCRYPTION_FILTER="echo \$(echo \"- secure: \")\$(travis encrypt \"\$FILE='\`cat $FILE\`'\" -r floydpink/harimenon.com)"
# If you don't have homebrew please install it from http://brew.sh/
brew install coreutils
gsplit --bytes=100 --numeric-suffixes --suffix-length=2 --filter="$ENCRYPTION_FILTER" ~/.ssh/id_rsa_deploy_base64 id_rsa_
# To reconstitute the private SSH key from within the Travis-CI build (typically from 'before_script')
echo -n $id_rsa_{00..30} >> ~/.ssh/id_rsa_base64
base64 --decode ~/.ssh/id_rsa_base64 > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
echo -e "Host github.com\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config
# On Linux (tested only on Ubuntu), use this script to generate secure deployment key
# To generate secure SSH deploy key for a github repo to be used from Travis
base64 --wrap=0 ~/.ssh/id_rsa_deploy > ~/.ssh/id_rsa_deploy_base64
ENCRYPTION_FILTER="echo \$(echo \"- secure: \")\$(travis encrypt \"\$FILE='\`cat $FILE\`'\" -r floydpink/harimenon.com)"
split --bytes=100 --numeric-suffixes --suffix-length=2 --filter="$ENCRYPTION_FILTER" ~/.ssh/id_rsa_deploy_base64 id_rsa_
# To reconstitute the private SSH key from within the Travis-CI build (typically from 'before_script')
echo -n $id_rsa_{00..30} >> ~/.ssh/id_rsa_base64
base64 --decode --ignore-garbage ~/.ssh/id_rsa_base64 > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
echo -e "Host github.com\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config
@floydpink
Copy link
Author

Thank you, @koter84

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment