~sircmpwn/sr.ht-discuss

2 2

Using a non-standard SSH port

Details
Message ID
<MWHPR06MB3326583AF1A321AFDD6C28F68F4F9@MWHPR06MB3326.namprd06.prod.outlook.com>
DKIM signature
missing
Download raw message
Today I have submitted my first build via build.yml to publish my website to an external VPS as per the Using Build Secrets tutorial (https://man.sr.ht/tutorials/builds.sr.ht/using-build-secrets.md)

The build failed at the upload step with rsync failing to establish connection to the remote host.
> port 22: Connection refused

This is most likely due to using a non-standard SSH port. What could I do to use a non-standard SSH port without exposing it in the build manifest and the job log?


Thanks
Animesh (https://sr.ht/~animesh/)
Details
Message ID
<4be654a5-0f37-3a27-2c7b-fc901e1db58d@mnus.de>
In-Reply-To
<MWHPR06MB3326583AF1A321AFDD6C28F68F4F9@MWHPR06MB3326.namprd06.prod.outlook.com> (view parent)
DKIM signature
missing
Download raw message
> This is most likely due to using a non-standard SSH port. What could I do to use a non-standard SSH port without exposing it in the build manifest and the job log?

There's no point in hiding the port. Anyone with a port scanner can 
trivially find it within minutes. The only benefit of running on a 
non-standard port is less log spam.
Details
Message ID
<20210413141543.a6e7h6c66kvk6en5@iyo>
In-Reply-To
<MWHPR06MB3326583AF1A321AFDD6C28F68F4F9@MWHPR06MB3326.namprd06.prod.outlook.com> (view parent)
DKIM signature
missing
Download raw message
> This is most likely due to using a non-standard SSH port. What could I do to use a non-standard SSH port without exposing it in the build manifest and the job log?

In the spirit of providing the help requested instead of telling people
they're wrong:

You could experiment with using a file type "secret". - https://builds.sr.ht/secrets

I might try something like the following:

1.
make secret at the destination `~/.ssh_port_secret` with the following
content:

SSH_PORT=2222

2. 
in your build manifest execute:
`source ~/.ssh_port_secret`
`rsync --rsh="ssh -p $SSH_PORT"`


hope that helps. maybe try with the wrong port first to make sure it
doesn't show up in the job log.
Reply to thread Export thread (mbox)