ssh -i key.pem -o "StrictHostKeyChecking no" root@server.com

Let’s disassemble that SSH command.

The -i parameter sets an identity file. That means the key.pem file must hold a private key that will be used to authenticate to the server. This is good, just make sure to keep that key safe.

The -o parameter lets you set configuration options that’d usually go into the SSH configuration file on the command. The option StrictHostKeyChecking no is dangerous, though, and I strongly advise you to remove it. ⚠️ It disables checking if the server is actually the one you want to connect to. Instead you should add the public key of the server to your workflow (for example using another secret), and write it to ~/.ssh/known_hosts before connecting. That way SSH can properly check if you are connecting to the right server. See ssh(1) - OpenBSD manual pages for details about how SSH authentication works.

root@server.com means to log in as the root user to the server at server.com. Check if you really need root (administrator) access for what you are doing, and if not use a regular user.

The stuff between <<'ENDSSH' and ENDSSH are commands to run on the server.

Ok but can u give me any link where i can find all this command so that i can also learn it

Which command(s) do mean? The links in my post all go to the SSH documentation, if you want to know what an SSH command (or setting) does that’s the best place to go.

echo "${{ secrets.SSH_KEY }}" | tr -d '\r' > key.pem

what about above command please explain those also secret i can understand but what about tr -d \r