Reputation: 956
Capistrano and GitHub Private Repo – Permission denied (publickey)
I've inherited a Rails project, hosted on Linode.
The previous developer was using a BitBucket repository, along with Capistrano for deployments.
I've since setup a private repository on GitHub, and I'm trying to get the Capistrano recipe to work. I'm having no luck. I continue to get a publickey error during deployment.
Here are the steps I've taken –
- Updated the Git remote (origin) URL on the Linode server to point to my new repository
- Updated the repository reference in the Capfile, to reference my new repository
- Ensured
ssh_options[:forward_agent]was set to true in the Capfile - Generated an SSH key locally (id_rsa.pub) and added it to my user account in GitHub
- Executed the
ssh-addcommand, to ensure the identity was added for auth agent - Ran
ssh -T [email protected]to confirm ssh was properly setup locally - Logged into my Linode server and ran
ssh -T [email protected]to ensure it was working also
Additionally, just in case the forward_agent property wasn't working, I even tried generating an SSH key on the Linode server, and adding it to GitHub as well. No luck.
After all of this, when I run cap deploy, I get the following error:
Permission denied (publickey).
fatal: The remote end hung up unexpectedly
Below is the recipe I'm using –
require "bundler/capistrano"
server "----SERVER IP----", :web, :app, :db, primary: true
set :application, "blog"
set :user, "deployer"
set :deploy_to, "/var/www/blog"
set :deploy_via, :remote_cache
set :use_sudo, false
set :scm, "git"
set :repository, "[email protected]:--MY USERNAME--/blog.git"
set :branch, "master"
default_run_options[:pty] = true
ssh_options[:forward_agent] = true
after "deploy", "deploy:cleanup" # keep only the last 5 releases
namespace :deploy do
task :start do; end
task :stop do; end
task :restart, roles: :app, except: {no_release: true} do
run "touch #{deploy_to}/current/tmp/restart.txt"
end
task :setup_config, roles: :app do
sudo "ln -nfs #{current_path}/config/apache.conf /etc/apache2/sites-available/blog"
run "mkdir -p #{shared_path}/config"
put File.read("config/database.example.yml"), "#{shared_path}/config/database.yml"
puts "Now edit the config files in #{shared_path}."
end
after "deploy:setup", "deploy:setup_config"
task :symlink_config, roles: :app do
run "ln -nfs #{shared_path}/config/database.yml #{release_path}/config/database.yml"
run "ln -nfs #{shared_path}/public/avatars #{release_path}/public/avatars"
end
after "deploy:finalize_update", "deploy:symlink_config"
desc "Make sure local git is in sync with remote."
task :check_revision, roles: :web do
unless `git rev-parse HEAD` == `git rev-parse origin/master`
puts "WARNING: HEAD is not the same as origin/master"
puts "Run `git push` to sync changes."
exit
end
end
before "deploy", "deploy:check_revision"
end
I can't seem to figure out where I'm going wrong – any help would be greatly appreciated.
UPDATE
I've also ensured the following was added to my local ~/.ssh/config file...
Host mydomain.com
ForwardAgent yes
Upvotes: 10
Views: 11497
Answers (6)
Reputation: 11
Note you will also get this error if the deployment server has no disk space!
Upvotes: 0
Reputation: 388
Today I found the root cause on MAC. My ssh key was not added to the authentication agent so the key was not forwarded. The solution was to execute the following command:
ssh-add ~/.ssh/id_dsa
(or ssh-add ~/.ssh/id_rsa if you use rsa key)
To remove all the ssh keys added to agent
ssh-add -D
Upvotes: 22
Reputation: 525
for me the only way it has deploy was:
adding the local id_rsa to the server
cat ~/.ssh/github_rsa.pub | ssh -i /Users/jasmo2/Documents/AWS-keypair/designmatch.pem [email protected] "cat >> .ssh/authorized_keys"
after typing the command. Is preferable to set the set :ssh_options.
Then
set :use_sudo, true on the deploy.rb file.
Finally instal
- On the server :
sudo apt-get install libpq-dev
gem install pg -v '0.18.4'
- On the deploy.rb (local):
desc 'Restart application'
task :restart do
on roles(:app), in: :sequence, wait: 5 do
execute :mkdir, '-p', "#{ release_path }/tmp"
execute :touch, release_path.join('tmp/restart.txt')
end
end
Upvotes: 0
Reputation: 11439
If you're still stuck I answered a similar question as yours here: SSH Agent Forwarding not working
Check if your key is added to the list of agent identities with ssh-add -L.
Upvotes: 9
Reputation: 311
Similarly I could SSH from dev machine to the staging machine and also SSH from staging machine to github.com.
However cap deploy failed doing the git clone
Permission denied (publickey).
however the git ls-remote worked which is strange.
If I added this to my config on the staging machine it works
Host github.com
Hostname github.com
IdentityFile ~/.ssh/git
User git
Upvotes: 1
Reputation: 888
Try adding the following line to your Capistrano script, this will explicitly tell Capistrano what key it should be using.
set :ssh_options, {
forward_agent: true,
paranoid: true,
keys: "~/.ssh/id_rsa"
}
Upvotes: 11
Related Questions
- Capistrano 3 deploy fails connecting to GitHub - Permission denied (publickey)
- Capistrano Deploy Failing on git:check - Permission denied (publickey)
- Capistrano deploy not finding private github repo (key forwarding working)
- Rails : Capistrano. Permisssion Denied(public key)
- Connect to github from linode with Capistrano deploy gives permission denied to public key
- Permission denied public key with Cap, but I can ssh into github
- Amazon EC2 + Capistrano + Git: Permission denied (publickey)
- GitHub Deploy via Capistrano. Public Repo and SSH works, but Private doesn't
- Capistrano local git repository cloning to remote asks for password despite SSH keys
- Why did I have to upload my private key to my server to get Capistrano to work with GitHub?