Key Store

The Key Store in Semaphore is used to store credentials for accessing remote Repositories, accessing remote hosts, sudo credentials, and Ansible vault passwords.

It is helpful to have configured all required access keys before setting up other resources like Inventories, Repositories, and tasks templates so you do not have to edit them later.



SSH Keys are used to access remote servers as well as remote Repositories.

At this time, semaphore does not support using SSH keys that are password protected.

If you need assistance quickly generating a key and placing it on your host, here is a quick guide.

For Git Repositories that use SSH authentication, the Git Repository you are trying to clone from needs to have your public key associated to the private key.

Below are links to the docs for some common Git Repositories:

Login With Password

Login With Password is a username and password/access token combination that can be used to do the following:

  • Authenticate to remote hosts (although this is less secure than using SSH keys)

  • Sudo credentials on remote hosts

  • Authenticate to remote Git Repositories over HTTPS (although SSH is more secure)

  • Unlock Ansible vaults

This type of secret can be used as Personal Access Token (PAT) or secret string. Simply leave the Login field empty.


This is used as a filler for Repos that do not require authentication, like an Open-Source Repository on GitLab.

Last updated