Problem to solve
I’m using gitlab pipeline for deploy to remote server.
like this:
deploy:
stage: deploy
before_script:
- chmod 400 $SSH_KEY # with wider rights ssh not allow for connection
script:
- $($SSH_COMMAND "
docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY &&
docker pull $IMAGE_TAG_COMMIT
docker logout
")
It works but forced me to remove password from used certificate.
This pipeline is run manually so it’s not a big deal to manually pass password to SSH when
deploy stage occurs.
How to do this?
Hi there,
You could use GitLab CI/CD variables (in the same way you’re already using them in your configuration. You can either:
- store your password in a project’s CI/CD variables (then you don’t need to input it manually every time), or
- add it manually over UI just before the job starts - in that case, don’t forget to add
when: manual to your job. When the job is created, all you need to do is click on the job name (NOT the Play button), and a UI like this will pop up:
here you can enter exact variable name and value and click “Run job”
Hope this helps 
Hi,
What I want to achieve is to make ssh command simple.
I saw tutorials which describes how to use sshpass.
They was complicated and require lot of effort to understand what is happening there.
I thought if I can use some how manual input I can skip usage of sshpass to provide password.
@paula.kokic do you think it’s possible?
Hi,
Hmm, I think you will have to use sshpass either way, because you cannot stop a GitLab job in the middle and ask for input 
(at least AFAIK, you can still browse the docs).
Perhaps stupid question: why don’t you use SSH Keys without passphrase? Isn’t that secure enough for your use case?
1 Like
