1

We have a deployed site where we use deploy key (read-only) to pull changes. But in maintenance mode the site modify itself, so we want to push back those changes. Is there any way to push back changes through ssh without storing the key itself on the server? I am looking for something like git push -ssh-key="ssh-rsa ..."

I would like to solve the issue with default commands if its possible.

NoNameProvided
  • 8,608
  • 9
  • 40
  • 68
  • You can use `ssh-agent` locally and forward it to the site. Then you will use your local key for `git push`. But I am not sure from your description, if it is what you need. – Jakuje Apr 29 '16 at 14:46
  • I would rethink your process of modifying code in production and instead find a way to do that work locally and then push that up. Should anyone compromise your production machine, they can push code back into the repo. – castis Apr 29 '16 at 15:29
  • `Should anyone compromise your production machine, they can push code back into the repo` That is why am I asking the question, I want to archive it without storing the key on the server. And supply it explicitly as a cmd parameter. – NoNameProvided Apr 29 '16 at 15:56

1 Answers1

0

IF you are using ssh keys you mush "exchange" keys and the server has to validate it using your key.

What you can do instead is to set a trusted certificate on the server (signed certificate ) and then use it instead of the ssh key.

A very detailed answer how to it can be found here. configure Git to accept a particular self-signed server certificate for a particular https remote

Community
  • 1
  • 1
CodeWizard
  • 128,036
  • 21
  • 144
  • 167