remove support i386

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

.drone.yml

@@ -9,7 +9,7 @@ platform:
 steps:
 - name: vet
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
   - make vet
   volumes:
@@ -18,7 +18,7 @@ steps:
 
 - name: lint
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
   - make lint
   volumes:
@@ -27,7 +27,7 @@ steps:
 
 - name: misspell
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
   - make misspell-check
   volumes:
@@ -36,7 +36,7 @@ steps:
 
 - name: test
   pull: always
-  image: golang:1.14-alpine
+  image: golang:1.15-alpine
   commands:
   - apk add git make curl perl bash build-base zlib-dev ucl-dev
   - make ssh-server
@@ -68,9 +68,9 @@ platform:
 steps:
 - name: build-push
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
-  - go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/amd64/drone-ssh
+  - "go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/amd64/drone-ssh"
   environment:
     CGO_ENABLED: 0
   when:
@@ -80,9 +80,9 @@ steps:
 
 - name: build-tag
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
-  - go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/amd64/drone-ssh
+  - "go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/amd64/drone-ssh"
   environment:
     CGO_ENABLED: 0
   when:
@@ -91,7 +91,7 @@ steps:
 
 - name: executable
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
   - ./release/linux/amd64/drone-ssh --help
 
@@ -130,8 +130,8 @@ steps:
 trigger:
   ref:
   - refs/heads/master
-  - refs/pull/**
+  - "refs/pull/**"
-  - refs/tags/**
+  - "refs/tags/**"
 
 depends_on:
 - testing
@@ -147,9 +147,9 @@ platform:
 steps:
 - name: build-push
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
-  - go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm64/drone-ssh
+  - "go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm64/drone-ssh"
   environment:
     CGO_ENABLED: 0
   when:
@@ -159,9 +159,9 @@ steps:
 
 - name: build-tag
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
-  - go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm64/drone-ssh
+  - "go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm64/drone-ssh"
   environment:
     CGO_ENABLED: 0
   when:
@@ -170,7 +170,7 @@ steps:
 
 - name: executable
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
   - ./release/linux/arm64/drone-ssh --help
 
@@ -209,8 +209,8 @@ steps:
 trigger:
   ref:
   - refs/heads/master
-  - refs/pull/**
+  - "refs/pull/**"
-  - refs/tags/**
+  - "refs/tags/**"
 
 depends_on:
 - testing
@@ -226,9 +226,9 @@ platform:
 steps:
 - name: build-push
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
-  - go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm/drone-ssh
+  - "go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm/drone-ssh"
   environment:
     CGO_ENABLED: 0
   when:
@@ -238,9 +238,9 @@ steps:
 
 - name: build-tag
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
-  - go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm/drone-ssh
+  - "go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm/drone-ssh"
   environment:
     CGO_ENABLED: 0
   when:
@@ -249,7 +249,7 @@ steps:
 
 - name: executable
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
   - ./release/linux/arm/drone-ssh --help
 
@@ -288,8 +288,8 @@ steps:
 trigger:
   ref:
   - refs/heads/master
-  - refs/pull/**
+  - "refs/pull/**"
-  - refs/tags/**
+  - "refs/tags/**"
 
 depends_on:
 - testing
@@ -305,7 +305,7 @@ platform:
 steps:
 - name: build-all-binary
   pull: always
-  image: golang:1.14
+  image: golang:1.15
   commands:
   - make release
   when:
@@ -319,14 +319,14 @@ steps:
     api_key:
       from_secret: github_release_api_key
     files:
-    - dist/release/*
+    - "dist/release/*"
   when:
     event:
     - tag
 
 trigger:
   ref:
-  - refs/tags/**
+  - "refs/tags/**"
 
 depends_on:
 - testing
@@ -354,7 +354,7 @@ steps:
 trigger:
   ref:
   - refs/heads/master
-  - refs/tags/**
+  - "refs/tags/**"
 
 depends_on:
 - linux-amd64

DOCS.md

@@ -112,6 +112,8 @@ Example configuration for exporting custom secrets:
 ```diff
   - name: ssh commands
     image: appleboy/drone-ssh
+    environment:
+      commit: ${DRONE_BUILD_NUMBER}
     settings:
       host: foo.com
       username: root
@@ -119,8 +121,10 @@ Example configuration for exporting custom secrets:
       port: 22
 +     envs:
         - aws_access_key_id
+        - commit
       script:
         - export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
+        - echo $commit
 ```
 
 Example configuration for stoping script after first failure:

Makefile

@@ -8,7 +8,7 @@ DEPLOY_ACCOUNT := appleboy
 DEPLOY_IMAGE := $(EXECUTABLE)
 
 TARGETS ?= linux darwin windows
-ARCHS ?= amd64 386
+ARCHS ?= amd64
 SOURCES ?= $(shell find . -name "*.go" -type f)
 TAGS ?=
 LDFLAGS ?= -X 'main.Version=$(VERSION)'
@@ -117,16 +117,18 @@ endif
 	docker push $(DEPLOY_ACCOUNT)/$(DEPLOY_IMAGE):$(tag)
 
 ssh-server:
-	adduser -h /home/drone-scp -s /bin/bash -D -S drone-scp
+	adduser -h /home/drone-scp -s /bin/sh -D -S drone-scp
 	echo drone-scp:1234 | chpasswd
 	mkdir -p /home/drone-scp/.ssh
 	chmod 700 /home/drone-scp/.ssh
 	cat tests/.ssh/id_rsa.pub >> /home/drone-scp/.ssh/authorized_keys
 	cat tests/.ssh/test.pub >> /home/drone-scp/.ssh/authorized_keys
+	chmod 600 /home/drone-scp/.ssh/authorized_keys
 	chown -R drone-scp /home/drone-scp/.ssh
 	# install ssh and start server
 	apk add --update openssh openrc
 	rm -rf /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key
+	sed -i 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
 	sed -i 's/AllowTcpForwarding no/AllowTcpForwarding yes/g' /etc/ssh/sshd_config
 	./tests/entrypoint.sh /usr/sbin/sshd -D &
 

go.mod

@@ -3,8 +3,9 @@ module github.com/appleboy/drone-ssh
 go 1.14
 
 require (
-	github.com/appleboy/easyssh-proxy v1.3.1
+	github.com/appleboy/easyssh-proxy v1.3.7
 	github.com/joho/godotenv v1.3.0
-	github.com/stretchr/testify v1.3.0
+	github.com/stretchr/testify v1.6.1
 	github.com/urfave/cli v1.22.4
+	golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de
 )

go.sum

@@ -1,8 +1,8 @@
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/ScaleFT/sshkeys v0.0.0-20181112160850-82451a803681 h1:JS2rl38kZmHgWa0xINSaSYH0Whtvem64/4+Ef0+Y5pE=
 github.com/ScaleFT/sshkeys v0.0.0-20181112160850-82451a803681/go.mod h1:WfDateMPQ/55dPbZRp5Zxrux5WiEaHsjk9puUhz0KgY=
-github.com/appleboy/easyssh-proxy v1.3.1 h1:zj5u800KIRPziMlJouhd2R6jufz6ihGlFSmojzXYSOw=
+github.com/appleboy/easyssh-proxy v1.3.7 h1:4XsChI8PuAd6jwTIKvTCH97vWmknvMJGxYi0PLiULG8=
-github.com/appleboy/easyssh-proxy v1.3.1/go.mod h1:Kk57I3w7OCafOjp5kgZFvxk2fO8Tca5CriBTOsbSbjY=
+github.com/appleboy/easyssh-proxy v1.3.7/go.mod h1:Kk57I3w7OCafOjp5kgZFvxk2fO8Tca5CriBTOsbSbjY=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
@@ -17,18 +17,27 @@ github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
+github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/urfave/cli v1.22.4 h1:u7tSpNPPswAFymm8IehJhy4uJMlUuU/GmqSkvJ1InXA=
 github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876 h1:sKJQZMuxjOAR/Uo2LBfU90onWEf1dF4C+0hPJCc9Mpc=
 golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de h1:ikNHVSjEfnvz6sxdSPCaPt572qowuyMDMJLLm3Db3ig=
+golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5/tI9ujCIVX+P5KiHuI=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

main.go

@@ -7,7 +7,6 @@ import (
 
 	"github.com/appleboy/easyssh-proxy"
 	"github.com/joho/godotenv"
-	_ "github.com/joho/godotenv/autoload"
 	"github.com/urfave/cli"
 )
 
@@ -20,6 +19,10 @@ func main() {
 		_ = godotenv.Load(filename)
 	}
 
+	if _, err := os.Stat("/run/drone/env"); err == nil {
+		godotenv.Overload("/run/drone/env")
+	}
+
 	app := cli.NewApp()
 	app.Name = "Drone SSH"
 	app.Usage = "Executing remote ssh commands"
@@ -60,9 +63,25 @@ func main() {
 			EnvVar: "PLUGIN_PASSWORD,SSH_PASSWORD,PASSWORD,INPUT_PASSWORD",
 		},
 		cli.StringSliceFlag{
-			Name:   "host,H",
+			Name:   "ciphers",
-			Usage:  "connect to host",
+			Usage:  "The allowed cipher algorithms. If unspecified then a sensible",
-			EnvVar: "PLUGIN_HOST,SSH_HOST,HOST,INPUT_HOST",
+			EnvVar: "PLUGIN_CIPHERS,SSH_CIPHERS,CIPHERS,INPUT_CIPHERS",
+		},
+		cli.BoolFlag{
+			Name:   "useInsecureCipher",
+			Usage:  "include more ciphers with use_insecure_cipher",
+			EnvVar: "PLUGIN_USE_INSECURE_CIPHER,SSH_USE_INSECURE_CIPHER,USE_INSECURE_CIPHER,INPUT_USE_INSECURE_CIPHER",
+		},
+		cli.StringFlag{
+			Name:   "fingerprint",
+			Usage:  "fingerprint SHA256 of the host public key, default is to skip verification",
+			EnvVar: "PLUGIN_FINGERPRINT,SSH_FINGERPRINT,FINGERPRINT,INPUT_FINGERPRINT",
+		},
+		cli.StringSliceFlag{
+			Name:     "host,H",
+			Usage:    "connect to host",
+			EnvVar:   "PLUGIN_HOST,SSH_HOST,HOST,INPUT_HOST",
+			FilePath: ".host",
 		},
 		cli.IntFlag{
 			Name:   "port,p",
@@ -144,6 +163,21 @@ func main() {
 			Usage:  "proxy connection timeout",
 			EnvVar: "PLUGIN_PROXY_TIMEOUT,PROXY_SSH_TIMEOUT,INPUT_PROXY_TIMEOUT",
 		},
+		cli.StringSliceFlag{
+			Name:   "proxy.ciphers",
+			Usage:  "The allowed cipher algorithms. If unspecified then a sensible",
+			EnvVar: "PLUGIN_PROXY_CIPHERS,SSH_PROXY_CIPHERS,PROXY_CIPHERS,INPUT_PROXY_CIPHERS",
+		},
+		cli.BoolFlag{
+			Name:   "proxy.useInsecureCipher",
+			Usage:  "include more ciphers with use_insecure_cipher",
+			EnvVar: "PLUGIN_PROXY_USE_INSECURE_CIPHER,SSH_PROXY_USE_INSECURE_CIPHER,PROXY_USE_INSECURE_CIPHER,INPUT_PROXY_USE_INSECURE_CIPHER",
+		},
+		cli.StringFlag{
+			Name:   "proxy.fingerprint",
+			Usage:  "fingerprint SHA256 of the host public key, default is to skip verification",
+			EnvVar: "PLUGIN_PROXY_FINGERPRINT,SSH_PROXY_FINGERPRINT,PROXY_FINGERPRINT,INPUT_PROXY_FINGERPRINT",
+		},
 		cli.StringSliceFlag{
 			Name:   "envs",
 			Usage:  "pass environment variable to shell script",
@@ -201,29 +235,35 @@ func run(c *cli.Context) error {
 	}
 	plugin := Plugin{
 		Config: Config{
-			Key:            c.String("ssh-key"),
+			Key:               c.String("ssh-key"),
-			KeyPath:        c.String("key-path"),
+			KeyPath:           c.String("key-path"),
-			Username:       c.String("user"),
+			Username:          c.String("user"),
-			Password:       c.String("password"),
+			Password:          c.String("password"),
-			Passphrase:     c.String("ssh-passphrase"),
+			Passphrase:        c.String("ssh-passphrase"),
-			Host:           c.StringSlice("host"),
+			Fingerprint:       c.String("fingerprint"),
-			Port:           c.Int("port"),
+			Host:              c.StringSlice("host"),
-			Timeout:        c.Duration("timeout"),
+			Port:              c.Int("port"),
-			CommandTimeout: c.Duration("command.timeout"),
+			Timeout:           c.Duration("timeout"),
-			Script:         scripts,
+			CommandTimeout:    c.Duration("command.timeout"),
-			ScriptStop:     c.Bool("script.stop"),
+			Script:            scripts,
-			Envs:           c.StringSlice("envs"),
+			ScriptStop:        c.Bool("script.stop"),
-			Debug:          c.Bool("debug"),
+			Envs:              c.StringSlice("envs"),
-			Sync:           c.Bool("sync"),
+			Debug:             c.Bool("debug"),
+			Sync:              c.Bool("sync"),
+			Ciphers:           c.StringSlice("ciphers"),
+			UseInsecureCipher: c.Bool("useInsecureCipher"),
 			Proxy: easyssh.DefaultConfig{
-				Key:        c.String("proxy.ssh-key"),
+				Key:               c.String("proxy.ssh-key"),
-				KeyPath:    c.String("proxy.key-path"),
+				KeyPath:           c.String("proxy.key-path"),
-				User:       c.String("proxy.username"),
+				User:              c.String("proxy.username"),
-				Password:   c.String("proxy.password"),
+				Password:          c.String("proxy.password"),
-				Passphrase: c.String("proxy.ssh-passphrase"),
+				Passphrase:        c.String("proxy.ssh-passphrase"),
-				Server:     c.String("proxy.host"),
+				Fingerprint:       c.String("proxy.fingerprint"),
-				Port:       c.String("proxy.port"),
+				Server:            c.String("proxy.host"),
-				Timeout:    c.Duration("proxy.timeout"),
+				Port:              c.String("proxy.port"),
+				Timeout:           c.Duration("proxy.timeout"),
+				Ciphers:           c.StringSlice("proxy.ciphers"),
+				UseInsecureCipher: c.Bool("proxy.useInsecureCipher"),
 			},
 		},
 		Writer: os.Stdout,

pipeline.libsonnet

@@ -9,7 +9,7 @@
     steps: [
       {
         name: 'vet',
-        image: 'golang:1.14',
+        image: 'golang:1.15',
         pull: 'always',
         commands: [
           'make vet',
@@ -23,7 +23,7 @@
       },
       {
         name: 'lint',
-        image: 'golang:1.14',
+        image: 'golang:1.15',
         pull: 'always',
         commands: [
           'make lint',
@@ -37,7 +37,7 @@
       },
       {
         name: 'misspell',
-        image: 'golang:1.14',
+        image: 'golang:1.15',
         pull: 'always',
         commands: [
           'make misspell-check',
@@ -51,7 +51,7 @@
       },
       {
         name: 'test',
-        image: 'golang:1.14-alpine',
+        image: 'golang:1.15-alpine',
         pull: 'always',
         commands: [
           'apk add git make curl perl bash build-base zlib-dev ucl-dev',
@@ -93,7 +93,7 @@
     steps: [
       {
         name: 'build-push',
-        image: 'golang:1.14',
+        image: 'golang:1.15',
         pull: 'always',
         environment: {
           CGO_ENABLED: '0',
@@ -109,7 +109,7 @@
       },
       {
         name: 'build-tag',
-        image: 'golang:1.14',
+        image: 'golang:1.15',
         pull: 'always',
         environment: {
           CGO_ENABLED: '0',
@@ -123,7 +123,7 @@
       },
       {
         name: 'executable',
-        image: 'golang:1.14',
+        image: 'golang:1.15',
         pull: 'always',
         commands: [
           './release/' + os + '/' + arch + '/' + name + ' --help',
@@ -188,7 +188,7 @@
     steps: [
       {
         name: 'build-all-binary',
-        image: 'golang:1.14',
+        image: 'golang:1.15',
         pull: 'always',
         commands: [
           'make release'

plugin.go

@@ -23,21 +23,24 @@ var (
 type (
 	// Config for the plugin.
 	Config struct {
-		Key            string
+		Key               string
-		Passphrase     string
+		Passphrase        string
-		KeyPath        string
+		KeyPath           string
-		Username       string
+		Username          string
-		Password       string
+		Password          string
-		Host           []string
+		Host              []string
-		Port           int
+		Port              int
-		Timeout        time.Duration
+		Fingerprint       string
-		CommandTimeout time.Duration
+		Timeout           time.Duration
-		Script         []string
+		CommandTimeout    time.Duration
-		ScriptStop     bool
+		Script            []string
-		Envs           []string
+		ScriptStop        bool
-		Proxy          easyssh.DefaultConfig
+		Envs              []string
-		Debug          bool
+		Proxy             easyssh.DefaultConfig
-		Sync           bool
+		Debug             bool
+		Sync              bool
+		Ciphers           []string
+		UseInsecureCipher bool
 	}
 
 	// Plugin structure
@@ -51,26 +54,44 @@ func escapeArg(arg string) string {
 	return "'" + strings.Replace(arg, "'", `'\''`, -1) + "'"
 }
 
+func (p Plugin) hostPort(host string) (string, string) {
+	hosts := strings.Split(host, ":")
+	port := strconv.Itoa(p.Config.Port)
+	if len(hosts) > 1 {
+		host = hosts[0]
+		port = hosts[1]
+	}
+
+	return host, port
+}
+
 func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
+	host, port := p.hostPort(host)
 	// Create MakeConfig instance with remote username, server address and path to private key.
 	ssh := &easyssh.MakeConfig{
-		Server:     host,
+		Server:            host,
-		User:       p.Config.Username,
+		User:              p.Config.Username,
-		Password:   p.Config.Password,
+		Password:          p.Config.Password,
-		Port:       strconv.Itoa(p.Config.Port),
+		Port:              port,
-		Key:        p.Config.Key,
+		Key:               p.Config.Key,
-		KeyPath:    p.Config.KeyPath,
+		KeyPath:           p.Config.KeyPath,
-		Passphrase: p.Config.Passphrase,
+		Passphrase:        p.Config.Passphrase,
-		Timeout:    p.Config.Timeout,
+		Timeout:           p.Config.Timeout,
+		Ciphers:           p.Config.Ciphers,
+		Fingerprint:       p.Config.Fingerprint,
+		UseInsecureCipher: p.Config.UseInsecureCipher,
 		Proxy: easyssh.DefaultConfig{
-			Server:     p.Config.Proxy.Server,
+			Server:            p.Config.Proxy.Server,
-			User:       p.Config.Proxy.User,
+			User:              p.Config.Proxy.User,
-			Password:   p.Config.Proxy.Password,
+			Password:          p.Config.Proxy.Password,
-			Port:       p.Config.Proxy.Port,
+			Port:              p.Config.Proxy.Port,
-			Key:        p.Config.Proxy.Key,
+			Key:               p.Config.Proxy.Key,
-			KeyPath:    p.Config.Proxy.KeyPath,
+			KeyPath:           p.Config.Proxy.KeyPath,
-			Passphrase: p.Config.Proxy.Passphrase,
+			Passphrase:        p.Config.Proxy.Passphrase,
-			Timeout:    p.Config.Proxy.Timeout,
+			Timeout:           p.Config.Proxy.Timeout,
+			Ciphers:           p.Config.Proxy.Ciphers,
+			Fingerprint:       p.Config.Proxy.Fingerprint,
+			UseInsecureCipher: p.Config.Proxy.UseInsecureCipher,
 		},
 	}
 
@@ -198,11 +219,12 @@ func (p Plugin) scriptCommands() []string {
 	commands := make([]string, 0)
 
 	for _, cmd := range scripts {
+		cmd = strings.TrimSpace(cmd)
 		if strings.TrimSpace(cmd) == "" {
 			continue
 		}
 		commands = append(commands, cmd)
-		if p.Config.ScriptStop {
+		if p.Config.ScriptStop && cmd[(len(cmd)-1):] != "\\" {
 			commands = append(commands, "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;")
 		}
 	}

plugin_test.go

@@ -3,6 +3,7 @@ package main
 import (
 	"bytes"
 	"io"
+	"io/ioutil"
 	"os"
 	"reflect"
 	"strings"
@@ -11,6 +12,7 @@ import (
 
 	"github.com/appleboy/easyssh-proxy"
 	"github.com/stretchr/testify/assert"
+	"golang.org/x/crypto/ssh"
 )
 
 func TestMissingHostOrUser(t *testing.T) {
@@ -384,6 +386,80 @@ func TestCommandOutput(t *testing.T) {
 	assert.Equal(t, unindent(expected), unindent(buffer.String()))
 }
 
+func TestWrongFingerprint(t *testing.T) {
+	var (
+		buffer bytes.Buffer
+	)
+
+	plugin := Plugin{
+		Config: Config{
+			Host:     []string{"localhost"},
+			Username: "drone-scp",
+			Port:     22,
+			KeyPath:  "./tests/.ssh/id_rsa",
+			Script: []string{
+				"whoami",
+			},
+			Fingerprint: "wrong",
+		},
+		Writer: &buffer,
+	}
+
+	err := plugin.Exec()
+	assert.NotNil(t, err)
+}
+
+func getHostPublicKeyFile(keypath string) (ssh.PublicKey, error) {
+	var pubkey ssh.PublicKey
+	var err error
+	buf, err := ioutil.ReadFile(keypath)
+	if err != nil {
+		return nil, err
+	}
+
+	pubkey, _, _, _, err = ssh.ParseAuthorizedKey(buf)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return pubkey, nil
+}
+
+func TestFingerprint(t *testing.T) {
+	var (
+		buffer   bytes.Buffer
+		expected = `
+			======CMD======
+			whoami
+			======END======
+			out: drone-scp
+		`
+	)
+
+	hostKey, err := getHostPublicKeyFile("/etc/ssh/ssh_host_rsa_key.pub")
+	assert.NoError(t, err)
+
+	plugin := Plugin{
+		Config: Config{
+			Host:     []string{"localhost"},
+			Username: "drone-scp",
+			Port:     22,
+			KeyPath:  "./tests/.ssh/id_rsa",
+			Script: []string{
+				"whoami",
+			},
+			Fingerprint:    ssh.FingerprintSHA256(hostKey),
+			CommandTimeout: 10 * time.Second,
+		},
+		Writer: &buffer,
+	}
+
+	err = plugin.Exec()
+	assert.Nil(t, err)
+	assert.Equal(t, unindent(expected), unindent(buffer.String()))
+}
+
 func TestScriptStop(t *testing.T) {
 	var (
 		buffer   bytes.Buffer
@@ -570,6 +646,17 @@ func TestPlugin_scriptCommands(t *testing.T) {
 			},
 			want: []string{"mkdir a", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;", "mkdir c", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;", "mkdir b", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;"},
 		},
+		// See: https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
+		{
+			name: "Multiline SSH commands interpreted as single lines",
+			fields: fields{
+				Config: Config{
+					Script:     []string{"ls \\ ", "-lah", "mkdir a"},
+					ScriptStop: true,
+				},
+			},
+			want: []string{"ls \\", "-lah", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;", "mkdir a", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;"},
+		},
 		{
 			name: "trim space",
 			fields: fields{
@@ -593,3 +680,97 @@ func TestPlugin_scriptCommands(t *testing.T) {
 		})
 	}
 }
+
+func TestUseInsecureCipher(t *testing.T) {
+	var (
+		buffer   bytes.Buffer
+		expected = `
+			======CMD======
+			mkdir a/b/c
+			mkdir d/e/f
+			======END======
+			err: mkdir: can't create directory 'a/b/c': No such file or directory
+			err: mkdir: can't create directory 'd/e/f': No such file or directory
+		`
+	)
+
+	plugin := Plugin{
+		Config: Config{
+			Host:     []string{"localhost"},
+			Username: "drone-scp",
+			Port:     22,
+			KeyPath:  "./tests/.ssh/id_rsa",
+			Script: []string{
+				"mkdir a/b/c",
+				"mkdir d/e/f",
+			},
+			CommandTimeout:    10 * time.Second,
+			UseInsecureCipher: true,
+		},
+		Writer: &buffer,
+	}
+
+	err := plugin.Exec()
+	assert.NotNil(t, err)
+
+	assert.Equal(t, unindent(expected), unindent(buffer.String()))
+}
+
+func TestPlugin_hostPort(t *testing.T) {
+	type fields struct {
+		Config Config
+		Writer io.Writer
+	}
+	type args struct {
+		h string
+	}
+	tests := []struct {
+		name     string
+		fields   fields
+		args     args
+		wantHost string
+		wantPort string
+	}{
+		{
+			name: "default host and port",
+			fields: fields{
+				Config: Config{
+					Port: 22,
+				},
+			},
+			args: args{
+				h: "localhost",
+			},
+			wantHost: "localhost",
+			wantPort: "22",
+		},
+		{
+			name: "different port",
+			fields: fields{
+				Config: Config{
+					Port: 22,
+				},
+			},
+			args: args{
+				h: "localhost:443",
+			},
+			wantHost: "localhost",
+			wantPort: "443",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			p := Plugin{
+				Config: tt.fields.Config,
+				Writer: tt.fields.Writer,
+			}
+			gotHost, gotPort := p.hostPort(tt.args.h)
+			if gotHost != tt.wantHost {
+				t.Errorf("Plugin.hostPort() gotHost = %v, want %v", gotHost, tt.wantHost)
+			}
+			if gotPort != tt.wantPort {
+				t.Errorf("Plugin.hostPort() gotPort = %v, want %v", gotPort, tt.wantPort)
+			}
+		})
+	}
+}