We take security as top priority. Roll-out uses industry standard OpenSSH protocol as a way of deploying your webapps on the cloud.
Unlike File Transfer Protocol, where the username and password goes as plain text over the network. This makes Roll-out very secure.
For a Machine X or (Chrisloves.co) to authenticate Machine A (Rollout Machine), we can use passwords, but passwords are insecure they can be easily cracked by password generators. So we go for something called Public Key & Private Key Infrastructure that uses a very hard to break algorithm called RSA Algorithm.
How do I setup Public key for roll-out ?¶
First you need to make roll-out machine to be authenticated by your machine and perform task, roll-out must be authenticated.
For this to happen, roll-out automatically creates public key, private key for you and provides the public key on My Settings page, you can effortlessly go over there and copy it and paste it to your
~/.ssh/authorized_keys file of your home folder of your hosting server / remote server.
In the my settings page use
When you wanted only the key to be copied and that needs to be pasted on a web based control panel.
When you wanted to copy and paste to authorized_keys file on commandline.
- This is very first step that you need to do when you are using roll-out.
- Every time you are deploying to a new Server You need to add the public key on your authorized_keys file of the new server once.
- This step should be done, on per machine basis. For example you can run multiple websites on the same machine using virtual host, in that case it is enough if you do it once.