Using no more than one ssh key


#1

Hi,

From what I can see, the idea is that CircleCi needs one key to clone repository from GitHub. One key to access the server to be deployed (when doing automatic deployment). And one key to clone from GitHub to the server to be deployed (since agent forwarding is not enabled). Why not do it all with just one deploy key (the first one)? Agent forwarding it to the server to be deployed, and then to GitHub?

I could probably do it like so:

deployment:
  staging:
    branch: master
    commands:
      - |
          echo 'Host example.com
            ForwardAgent yes
            IdentityFile /home/ubuntu/.ssh/id_circleci_github
            IdentitiesOnly yes' >> ~/.ssh/config
      - ssh-add ~/.ssh/id_circleci_github
      - bundle exec cap staging deploy

But that doesn’t seem like a good thing to do.


#2