Our AWS EC2 server runs with SSH. So we need to add the SSH key as instructed here:
The question is we should add the key for WHICH USER?
In other words, that user needs what kind of permissions under visudo for this to work? Is it?
deploy ALL=(ALL) ALL
Or something more restrictive is OK? Ideally we want to limit the permissions to avoid potential security issues.
Another concern is that my “teammates” in Circle CI were able to view the content of this key. This seems like a security issue. This key should be viewable by the admin circle ci account only.
Appreciate any opinions you have on the matter.