diff --git a/.gitea/workflows/morskaRelease.yml b/.gitea/workflows/morskaRelease.yml
index e011ad4..9d0a692 100644
--- a/.gitea/workflows/morskaRelease.yml
+++ b/.gitea/workflows/morskaRelease.yml
@@ -78,6 +78,7 @@ jobs:
           (cd artifacts/frontend && zip -rq ../../build/DiunaBI-Morska-Frontend.zip .)
           (cd artifacts/webapi && zip -rq ../../build/DiunaBI-Morska-WebApi.zip .)
           ls -la build
+          
       - name: Upload artifacts to remote server
         env:
           SSH_PRIVATE_KEY: ${{ secrets.GITEARUNNER_SSH_KEY }}
@@ -104,10 +105,18 @@ jobs:
       - name: Run release script on remote server
         env:
           SSH_PRIVATE_KEY: ${{ secrets.PROD_SRV_PRIVATE_KEY }}
+          SSH_USER: mz
+          SSH_HOST: bim-it.pl
         run: |
-          echo "${SSH_PRIVATE_KEY}" > private_key
+          set -euo pipefail
+
+          umask 077
+          echo "$SSH_PRIVATE_KEY" > private_key
           chmod 600 private_key
-          ssh -i private_key -o StrictHostKeyChecking=no mz@bim-it.pl << 'EOF'
-            ./deployment/DiunaBI-Morska.Release.sh
-          EOF
-          rm private_key
\ No newline at end of file
+
+          mkdir -p ~/.ssh
+          ssh-keyscan -H "$SSH_HOST" >> ~/.ssh/known_hosts
+
+          ssh -i private_key "$SSH_USER@$SSH_HOST" "./deployment/DiunaBI-Morska.Release.sh"
+
+          shred -u private_key
\ No newline at end of file