What to know about SSH PEM file in Github Action Workflow?

Hi All,

echo "${{ secrets.SSH_KEY }}" | tr -d '\r' > key.pem
         chmod 400 key.pem
 ssh -i key.pem  -o "StrictHostKeyChecking no" root@server.com <<'ENDSSH'


One of my friend has send me above commands.

Actually i want to add azure vm in github action yaml file to execute docker container in that vm above command work for me but i want to know what above command actually do from where he got any website or links please let me know

Let’s disassemble that SSH command.

The -i parameter sets an identity file. That means the key.pem file must hold a private key that will be used to authenticate to the server. This is good, just make sure to keep that key safe.

The -o parameter lets you set configuration options that’d usually go into the SSH configuration file on the command. The option StrictHostKeyChecking no is dangerous, though, and I strongly advise you to remove it. :warning: It disables checking if the server is actually the one you want to connect to. Instead you should add the public key of the server to your workflow (for example using another secret), and write it to ~/.ssh/known_hosts before connecting. That way SSH can properly check if you are connecting to the right server. See ssh(1) - OpenBSD manual pages for details about how SSH authentication works.

root@server.com means to log in as the root user to the server at server.com. Check if you really need root (administrator) access for what you are doing, and if not use a regular user.

The stuff between <<'ENDSSH' and ENDSSH are commands to run on the server.

Ok but can u give me any link where i can find all this command so that i can also learn it

Which command(s) do mean? The links in my post all go to the SSH documentation, if you want to know what an SSH command (or setting) does that’s the best place to go.

what about above command please explain those also secret i can understand but what about tr -d \r

See the tr manual page. In short, that command deletes all \r (carriage return) characters from the input. Those are likely present if the key file was created on Windows.