spydi-n8n-automation/examples/credentials/ssh.example.json at main · spydisec/spydi-n8n-automation · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
{
  "name": "Example SSH Credential",
  "type": "ssh",
  "description": "Template for SSH credential configuration in n8n",
  "instructions": [
    "1. In n8n, go to Credentials",
    "2. Click 'New Credential'",
    "3. Select 'SSH'",
    "4. Choose authentication method below",
    "5. Save and note the credential name for workflow references"
  ],
  "authenticationMethods": {
    "privateKey": {
      "name": "ssh_portainer_servers",
      "description": "SSH access to Portainer servers (RECOMMENDED)",
      "authenticationMethod": "privateKey",
      "fields": {
        "host": "{{ $json.hostname }}",
        "port": "{{ $json.port || 22 }}",
        "username": "ubuntu",
        "privateKey": "PASTE_PRIVATE_KEY_CONTENT_HERE",
        "passphrase": "optional-if-key-has-passphrase"
      },
      "notes": [
        "Generate key pair: ssh-keygen -t ed25519 -C 'n8n-automation'",
        "Copy to server: ssh-copy-id -i ~/.ssh/key.pub user@server",
        "Paste the PRIVATE key content (not the .pub file)",
        "Keep private key secure and never commit to git"
      ]
    },
    "password": {
      "name": "ssh_portainer_servers",
      "description": "SSH access with password (less secure)",
      "authenticationMethod": "password",
      "fields": {
        "host": "{{ $json.hostname }}",
        "port": "{{ $json.port || 22 }}",
        "username": "ubuntu",
        "password": "CONFIGURE_IN_N8N_GUI"
      },
      "notes": [
        "Password authentication is less secure than key-based",
        "Use only if key-based auth is not possible",
        "Consider using strong passwords (20+ characters)",
        "Rotate passwords regularly"
      ]
    }
  },
  "bestPractices": [
    "Use key-based authentication instead of passwords",
    "Create separate credentials for different environments (dev/staging/prod)",
    "Use descriptive credential names (e.g., 'ssh_prod_webservers')",
    "Test credentials after creation using n8n's 'Test' button",
    "Document which workflows use which credentials",
    "Rotate credentials regularly (quarterly recommended)",
    "Use different SSH keys for different purposes"
  ],
  "security": {
    "warning": "Never commit actual credentials to this repository",
    "storage": "Credentials are stored encrypted in n8n's database",
    "access": "Only workflow executions can access credentials",
    "audit": "Track credential usage through n8n execution logs"
  },
  "dynamicFields": {
    "note": "Use expressions to get values from workflow data",
    "examples": {
      "host": "{{ $json.hostname }} - Gets hostname from workflow data",
      "port": "{{ $json.port || 22 }} - Gets port or defaults to 22",
      "username": "{{ $json.sshUser || 'ubuntu' }} - Dynamic username with fallback"
    }
  }
}