关于 ssh-key 与 deploy-key

ssh-key 是用于认证 Github 账户的密钥,对所有的 repository (下文简写为 repo ) 都有操作权限;而 deploy-key 只允许对特定 repo 进行操作,每个 repo 的 deploy key 都是独有的,其他 repo 无法使用相同的 key。

下面是 Github 官方的说明:

Deploy key is a SSH key set in your repo to grant client read-only (as well as r/w, if you want) access to your repo.

As the name says, its primary function is to be used in the deploy process, where only read access is needed. Therefore keep the repo safe from the attack, in case the server side is fallen.

出于安全考虑(尝试新事物),我决定为托管在 Github 上的这个博客配置单独的 deploy-key.

阅读全文 »