Unclear on how to encrypt an SSH private key

bachya · September 17, 2019, 11:15pm

I’m attempting to use an SSH private key as an encrypted secret for deployment; I can’t seem to get the syntax right.

Here’s what I’ve tried:

$ drone encrypt <user>/<repo> '-----BEGIN OPENSSH PRIVATE KEY-----\n...\n-----END OPENSSH PRIVATE KEY-----'

(note that newlines are important in a private key, so my string includes literal newlines)

This produces the following error:

Incorrect Usage: bad flag syntax: -----BEGIN OPENSSH PRIVATE KEY-----\n...\n-----END OPENSSH PRIVATE KEY-----

What syntax should I be using?

bachya · September 17, 2019, 11:35pm

bradrydzewski · September 18, 2019, 2:25am

you can read the secret from file using the @ syntax

drone encrypt secret octocat/hello-world @path/to/file

harryxu · October 28, 2019, 8:55am

Thank you, this helps me a lot. Also, I think this syntax explanation should put in drone documentation.