Quick start
sshship is a hosted platform — you don’t install our app on your VPS. Sign up, add your server keys, and deploy. The product (dashboard, API, queue, billing) runs with us; your apps run on the servers you connect.
-
1
Create an account
Sign up for an account. The Free plan gives you 1 server and 3 projects — no credit card required.
-
2
Add your VPS
Go to Servers → Add server. Paste your SSH private key (PEM format). sshship encrypts it immediately and never logs it. Use Test SSH to verify connectivity.
-
3
Create a project
Go to Projects → Create project. Choose a server, deploy path (e.g. /var/www/my-app), and deployment type (Git or .zip upload).
-
4
Set build commands
Add the shell commands that prepare your app — npm install, composer install, etc. Each command runs in order under set -euo pipefail.
-
5
Deploy
Click Deploy now from the project page. Watch the live log stream as sshship clones your repo, runs your commands, and restarts your process.
SSH key setup
sshship is the main platform you log into; your VPS is where the app runs.
We connect using SSH key authentication only — no passwords.
You use a key pair where the private key is saved in your sshship account
and the public key is in ~/.ssh/authorized_keys on your VPS.
What happens to my SSH keys?
They are stored encrypted at rest in sshship (per-account, isolated from other customers). They are decrypted only inside our systems when you trigger a deploy, test SSH, terminal, metrics, or similar — then passed to our execution layer over a private channel to open an outbound SSH session to your server’s IP. They are not exposed in deploy logs, not reusable by other accounts, and you can rotate or delete them anytime from the dashboard. This is the same trust model as any hosted CI/CD or server panel: the platform holds secrets so it can act on your infrastructure when you ask it to.
Generate a new key pair (recommended)
# Run this on your local machine
ssh-keygen -t ed25519 -C "sshship-deploy" -f ~/.ssh/sshship_deploy
# Copy the public key to your VPS
ssh-copy-id -i ~/.ssh/sshship_deploy.pub user@your-vps-ip
# Print the private key to paste into sshship
cat ~/.ssh/sshship_deploy
Key requirements:
- PEM format (starts with
-----BEGIN ... PRIVATE KEY-----) - No passphrase — sshship cannot decrypt passphrase-protected keys
- RSA, Ed25519, and ECDSA are all supported
Using an existing key
If you already have a key on your server (e.g. the one you use to SSH in yourself), you can paste the same private key.
Just make sure its public counterpart is in ~/.ssh/authorized_keys
for the user sshship will connect as.
Servers
A "server" is any Linux VPS you want to deploy to — Hetzner, DigitalOcean, Vultr, Contabo, or your own hardware. sshship connects via SSH to run your deployment pipeline.
Host
IP address or hostname of the VPS.
Port
SSH port — defaults to 22.
SSH user
The remote user (e.g. deploy, ubuntu, root). Use a dedicated deploy user for best security.
SSH private key
Paste the full PEM-encoded private key. Encrypted with AES-256 on save. Never logged or exposed.
Label
A friendly name — shown in the dashboard. E.g. "Production EU", "Staging".
~/.ssh/authorized_keys and the port is open.
Projects
A project links a code source (Git repo or .zip) to a target server, a deploy path, and a build pipeline.
Name
A human-readable identifier.
Server
Which VPS to deploy to.
Deploy path
Absolute path on the VPS where code is placed — e.g. /var/www/my-app or /opt/apps/api.
Type
git or upload. Determines where code comes from.
Build commands
Shell commands run after code is prepared. See the Build commands section.
NGINX
Optional: let sshship write an NGINX vhost config and optionally obtain an SSL certificate via Certbot.
Process restart
Optional: a command to restart your app after deploy — e.g. systemctl restart my-app or pm2 restart all.
Git deployments
Choose deployment type: git, provide a repository URL and branch.
The first deploy clones the repo; subsequent deploys run git pull.
Repository URL format
# SSH (recommended for private repos)
git@github.com:your-org/your-repo.git
# HTTPS (works for public repos)
https://github.com/your-org/your-repo.git
Private repos — SSH deploy key
For private repositories, generate a separate key pair for the deploy key:
ssh-keygen -t ed25519 -C "sshship-repo-deploy" -f ~/.ssh/repo_deploy -N ""
Paste the private key (~/.ssh/repo_deploy) into the
SSH deploy key field in sshship.
Add the public key (~/.ssh/repo_deploy.pub) as a read-only
Deploy Key on GitHub
or GitLab. The key is encrypted at rest and injected only at deploy time — never logged.
.zip deployments
Choose deployment type: upload.
From the project page, upload a .zip of your built artefact.
Useful for compiled binaries, pre-built frontends, or any workflow where you build locally or in CI.
-
1
Upload
Drop or select your .zip from the project page. Max 100 MB.
-
2
Secure store
The archive is stored privately — not publicly accessible.
-
3
Deploy
Click Deploy now. sshship transfers the archive to your VPS and extracts it into the deploy path.
-
4
Build
Your build commands run as normal after extraction.
Build commands
Each command runs in order inside your deploy path. One command per line. A non-zero exit code stops the pipeline and marks the deployment as failed.
Laravel / PHP
Node.js / Next.js
Static HTML / plain site
Python / Django
Docker Compose (Starter+)
cd into it.
Webhooks
Git projects automatically get a webhook URL. Add it to GitHub or GitLab so every push to your branch triggers a deploy automatically — no manual action needed.
Environments Pro
Environments let you maintain separate configurations for the same project — for example staging (deploy on every push) and production (deploy manually or on a release tag).
Branch
Each environment can track a different branch — e.g. main → production, develop → staging.
Server
Each environment deploys to a different server — or the same one at a different path.
Env variables
Each environment gets its own variables; on deploy we write them into your application’s environment file on the server before build commands run (many PHP frameworks use a .env file there — not sshship’s settings).
Deploy path
Different path per environment — e.g. /var/www/my-app-staging vs /var/www/my-app.
REST API
All dashboard operations are available via REST API at
https://your-domain.com/api/v1/*.
Create an API token from Settings → API Tokens and pass it as a Bearer token.
API tokens are available on the Starter plan and above.
# Trigger a deployment from CI
curl -X POST https://your-domain.com/api/v1/projects/{project-id}/deployments \
-H "Authorization: Bearer sp_your_token_here" \
-H "Content-Type: application/json"
| Endpoint | Description |
|---|---|
GET /api/v1/servers |
List your servers |
POST /api/v1/servers |
Add a server |
POST /api/v1/servers/{id}/test-ssh |
Test SSH connectivity |
GET /api/v1/projects |
List projects |
POST /api/v1/projects |
Create a project |
PUT /api/v1/projects/{id} |
Update a project |
DELETE /api/v1/projects/{id} |
Delete a project |
POST /api/v1/projects/{id}/deployments |
Trigger a deployment |
GET /api/v1/projects/{id}/deployments |
List deployments |
GET /api/v1/projects/{id}/deployments/{deployId} |
Get deployment + logs |
POST /api/v1/webhooks/github/{id} |
GitHub push webhook |
Plan limits
All plans include Git and .zip deployments, NGINX, SSL, and environment variables. Higher plans unlock more servers and advanced features.
| Feature | Free | Starter | Pro | Business |
|---|---|---|---|---|
| Servers | 1 | 5 | ∞ | ∞ |
| Projects | 3 | ∞ | ∞ | ∞ |
| Deployments / month | 50 | ∞ | ∞ | ∞ |
| Docker Compose | ||||
| Server metrics & alerts | ||||
| Web SSH terminal | ||||
| Remote file browser | ||||
| Deployment rollback | ||||
| API tokens | ||||
| GitLab webhooks | ||||
| Cron job manager | ||||
| Teams & roles | ||||
| Multi-server deploy | ||||
| NGINX load balancing | ||||
| Environments | ||||
| Database backups | ||||
| Audit log | ||||
| Audit log export |