Unset SSH environment variables after key file creation for enhanced security

2025-09-14 12:47:44 +02:00
parent 8e618e59db
commit 59a19551fe
1 changed files with 4 additions and 0 deletions
--- a/scripts/auto-boot-ollama-host.lua
+++ b/scripts/auto-boot-ollama-host.lua
@@ -107,6 +107,10 @@ local function createSSHKeyFilesFromEnv()
  pub_fh:close()
  os.execute(("chmod 644 %q"):format(SSH_IDENTITY_FILE .. ".pub"))
  log("Wrote SSH public key to " .. SSH_IDENTITY_FILE .. ".pub")
+
+  -- Unset the env vars for security
+  os.setenv("SSH_PRIVATE_KEY", "")
+  os.setenv("SSH_PUBLIC_KEY", "")
 end

 local function main()