ssh-deploy
ssh-deploy copied to clipboard
Consider adding support for non-PEM keys
I'm not a cryptography master, I'm not even a begginer, but from what I've read around the years PEM are considered less secure than new format or ed25519:
https://superuser.com/questions/1455735/what-does-ssh-keygen-o-do https://web.archive.org/web/20190328095423/https://latacora.singles/2018/08/03/the-default-openssh.html
Can you add support for new format keys? README says to explicitly use the less-secure format which is worrying.
After doing some source code reading and experiments, I found this action supports ED25519 keys actually.
You can just put your key in secret and use as the README says. But not to forget the trailing newline, or rsync will tell you your key is in wrong format. I am not quite sure if new format keys require ending with a empty line, but it works for me anyway.