Capistrano和几个SSH密钥 [英] Capistrano and several SSH keys
问题描述
无论我在.ssh文件夹中重命名为id_rsa的哪个键,都可以使用。另一个没有。如果我将git密钥重命名为id_rsa,Capistrano可以连接到git存储库,但无法在服务器进行身份验证以进行部署。如果我把它称为别的东西,它将无法连接到git repo。我知道其他的关键工作,因为我可以做ssh -i〜/ .ssh / otherKey.pem,它会成功连接到服务器。
这就是
ssh_options [:keys] = [
File.join(ENV) [HOME],.ssh,id_rsa),
File.join(ENV [HOME],.ssh,deploy)
]
ssh_options [:forward_agent] = true
如何告诉Capistrano使用两个键?它似乎只使用一个名为id_rsa。
编辑:
以下是Capistrano输出的错误消息:
$ cap yii deploy
*执行`yii'
Yii
*执行`deploy'
*执行`deploy:update'
** transaction:start
*执行`deploy:update_code'
在本地执行:git ls-remote git @ project。 beanstalkapp.com:/projectyii.git HEAD
*执行git clone -q git@project.beanstalkapp.com:/projectyii.git / var / www / projectyii-trunk / releases / 20110824174629&& cd / var / www / projectyii-trunk / releases / 20110824174629&& git checkout -q -b deploy 5e14521285ca04a605353e97bdf31c3a2889dbfb&&(echo 5e14521285ca04a605353e97bdf31c3a2889dbfb> / var / www / projectyii-trunk / releases / 20110824174629 / REVISION)
servers:[yii.project.com]
[yii.project.com]执行命令
** [yii.project.com :: err]错误读取响应长度fr om认证套接字。
** [yii.project.com :: err] Permission denied(publickey,keyboard-interactive)。
** [yii.project.com :: err]致命:远程端意外挂起
命令完成
*** [deploy:update_code]回滚
*执行rm -rf / var / www / projectyii-trunk / releases / 20110824174629; true
servers:[yii.project.com]
[yii.project.com]执行命令
命令完成
失败:sh -c \git clone -q git@project.beanstalkapp.com:/projectyii.git / var / www / projectyii-trunk / releases / 20110824174629&& cd / var / www / projectyii-trunk / releases / 20110824174629&& git checkout -q -b deploy 5e14521285ca04a605353e97bdf31c3a2889dbfb&& (echo 5e14521285ca04a605353e97bdf31c3a2889dbfb> / var / www / projectyii-trunk / releases / 20110824174629 / REVISION)\on yii.project.com
编辑:
另一件事:它完全可以在我的本地机器上正常工作,而不是在部署服务器上 - 具有完全相同的配置文件!看起来Capistrano在我的本地机器上使用了正确的密钥,但不在部署机器上。 解决方案
知道关于Capistrano的任何信息。
如果它简单地执行正常 ssh
调用(或调用 git
来做到这一点),你可以在每个主机(或每个主机)上配置在〜/ .ssh / config
例如,我在〜/ .ssh / config
文件中包含以下这些行:
:
#Git bei Github
Host github.com
User git
IdentityFile〜/ .ssh / svn_id_rsa
#另存数学家 - 主持人
主持人* .math.hu-berlin.de
用户ebermann
IdentityFile〜/ .ssh / id_rsa
ControlMaster auto
I need Capistrano to use 2 different SSH keys. One is for the git repository, one is for the server to deploy to.
Whichever key I rename to id_rsa in my .ssh folder, works. The other one doesn't. If I rename the git key to id_rsa, Capistrano can connect to the git repository, but then can't authenticate at the server to deploy. If I call it something else, it will not be able to connect to the git repo. I know that the other key works, cause I can do ssh -i ~/.ssh/otherKey.pem and it will successfully connect to the server.
This is what I have in my deploy.rb Capistrano file.
ssh_options[:keys] = [
File.join(ENV["HOME"], ".ssh", "id_rsa"),
File.join(ENV["HOME"], ".ssh", "deploy")
]
ssh_options[:forward_agent] = true
How can I tell Capistrano to use BOTH the keys? It only seems to use the one called id_rsa.
edit:
Here's the output from Capistrano with the error message:
$ cap yii deploy
* executing `yii'
Yii
* executing `deploy'
* executing `deploy:update'
** transaction: start
* executing `deploy:update_code'
executing locally: "git ls-remote git@project.beanstalkapp.com:/projectyii.git HEAD"
* executing "git clone -q git@project.beanstalkapp.com:/projectyii.git /var/www/projectyii-trunk/releases/20110824174629 && cd /var/www/projectyii-trunk/releases/20110824174629 && git checkout -q -b deploy 5e14521285ca04a605353e97bdf31c3a2889dbfb && (echo 5e14521285ca04a605353e97bdf31c3a2889dbfb > /var/www/projectyii-trunk/releases/20110824174629/REVISION)"
servers: ["yii.project.com"]
[yii.project.com] executing command
** [yii.project.com :: err] Error reading response length from authentication socket.
** [yii.project.com :: err] Permission denied (publickey,keyboard-interactive).
** [yii.project.com :: err] fatal: The remote end hung up unexpectedly
command finished
*** [deploy:update_code] rolling back
* executing "rm -rf /var/www/projectyii-trunk/releases/20110824174629; true"
servers: ["yii.project.com"]
[yii.project.com] executing command
command finished
failed: "sh -c \"git clone -q git@project.beanstalkapp.com:/projectyii.git /var/www/projectyii-trunk/releases/20110824174629 && cd /var/www/projectyii-trunk/releases/20110824174629 && git checkout -q -b deploy 5e14521285ca04a605353e97bdf31c3a2889dbfb && (echo 5e14521285ca04a605353e97bdf31c3a2889dbfb > /var/www/projectyii-trunk/releases/20110824174629/REVISION)\"" on yii.project.com
edit:
Another thing: it totally works fine from my local machine, just not on the deploy server - with exactly the same config files! It seems Capistrano uses the correct keys on my local machine, but not on the deploy machine.
Disclaimer: I don't know anything about Capistrano.
If it simply does normal ssh
calls (or calls git
to do this), you can configure the right key to use in your ~/.ssh/config
on a per-host (or per-host-alias) basis.
For example, I have these lines in my ~/.ssh/config
file:
# Git bei Github
Host github.com
User git
IdentityFile ~/.ssh/svn_id_rsa
# Andere Mathe-Hosts
Host *.math.hu-berlin.de
User ebermann
IdentityFile ~/.ssh/id_rsa
ControlMaster auto
这篇关于Capistrano和几个SSH密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!