New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Does the ssh key get left on the runner? #199
Comments
I am also interested in this question. Is it safe to leave private ssh keys on github cloud runners? |
Likewise! |
According to this document, it seems to be safe because decommissioned automatically.
I think we need to remove not only SSH keys but also all source codes if VM is reused by someone 🤔 |
Thanks for the response! In my org's case, we use hosted runners. removing the ssh key would be beneficial to us as we use these VMs for lots of different kinds of workflows. It's also a risk leaving all our keys on one VM! |
@kiweezi Unfortunately, - name: remove SSH keys
run: rm -rf ~/.ssh
if: ${{ always() }} |
@shimataro Is it not possible for this feature to be added to the action? Either way, appreciate your response and discussion on it! |
Probably not.
It's a good idea! I will add to "Q&A" section later. thanks! |
Hi, Please try using! |
Will the ssh-key and authorized keys be removed from the runner at the end of workflow execution?
The text was updated successfully, but these errors were encountered: