Currently it is not possible to use different credentials per host without redeploying hal-agent.
This should be managed within the db (encrypted, obviously) and allow multiple types (pw, filesystem keyfile, provided keyfile). Deployments would then be assigned a credential and they would use that when deploying.
Server Commands should be able to use a different credential from deployment.
AWS deployments currently use this system, but rsync-based deployments are more complex, as we need to be able to connect using native ssh with php, but also command line rsync.
Perhaps we need to figure out a good way to pass db-based credentials to the cli rsync.
Currently it is not possible to use different credentials per host without redeploying hal-agent.
This should be managed within the db (encrypted, obviously) and allow multiple types (pw, filesystem keyfile, provided keyfile). Deployments would then be assigned a credential and they would use that when deploying.
Server Commands should be able to use a different credential from deployment.
AWS deployments currently use this system, but rsync-based deployments are more complex, as we need to be able to connect using native ssh with php, but also command line rsync.
Perhaps we need to figure out a good way to pass db-based credentials to the cli rsync.