Capistrano和几个SSH密钥 [英] Capistrano and several SSH keys

问题描述

我需要Capistrano使用2个不同的SSH密钥。一个用于git仓库，一个用于服务器部署。

无论我在.ssh文件夹中重命名为id_rsa的哪个键，都可以使用。另一个没有。如果我将git密钥重命名为id_rsa，Capistrano可以连接到git存储库，但无法在服务器进行身份验证以进行部署。如果我把它称为别的东西，它将无法连接到git repo。我知道其他的关键工作，因为我可以做ssh -i〜/ .ssh / otherKey.pem，它会成功连接到服务器。

这就是

  ssh_options [：keys] = [
 File.join（ENV） [HOME]，.ssh，id_rsa），
 File.join（ENV [HOME]，.ssh，deploy）
] 
 
 ssh_options [：forward_agent] = true 
  

如何告诉Capistrano使用两个键？它似乎只使用一个名为id_rsa。

编辑：

以下是Capistrano输出的错误消息：

  $ cap yii deploy 
 *执行`yii'
 Yii 
 *执行`deploy'
 *执行`deploy：update'
 ** transaction：start 
 *执行`deploy：update_code'
在本地执行：git ls-remote git @ project。 beanstalkapp.com:/projectyii.git HEAD
 *执行git clone -q git@project.beanstalkapp.com：/projectyii.git / var / www / projectyii-trunk / releases / 20110824174629&& cd / var / www / projectyii-trunk / releases / 20110824174629&& git checkout -q -b deploy 5e14521285ca04a605353e97bdf31c3a2889dbfb&&（echo 5e14521285ca04a605353e97bdf31c3a2889dbfb> / var / www / projectyii-trunk / releases / 20110824174629 / REVISION）
 servers：[yii.project.com] 
 [yii.project.com]执行命令
 ** [yii.project.com :: err]错误读取响应长度fr om认证套接字。 
 ** [yii.project.com :: err] Permission denied（publickey，keyboard-interactive）。 
 ** [yii.project.com :: err]致命：远程端意外挂起
命令完成
 *** [deploy：update_code]回滚
 *执行rm -rf / var / www / projectyii-trunk / releases / 20110824174629; true
 servers：[yii.project.com] 
 [yii.project.com]执行命令
命令完成
失败：sh -c \git clone -q git@project.beanstalkapp.com：/projectyii.git / var / www / projectyii-trunk / releases / 20110824174629&& cd / var / www / projectyii-trunk / releases / 20110824174629&& git checkout -q -b deploy 5e14521285ca04a605353e97bdf31c3a2889dbfb&& （echo 5e14521285ca04a605353e97bdf31c3a2889dbfb> / var / www / projectyii-trunk / releases / 20110824174629 / REVISION）\on yii.project.com 
  

编辑：

另一件事：它完全可以在我的本地机器上正常工作，而不是在部署服务器上 - 具有完全相同的配置文件！看起来Capistrano在我的本地机器上使用了正确的密钥，但不在部署机器上。 解决方案

知道关于Capistrano的任何信息。

如果它简单地执行正常 ssh 调用（或调用 git 来做到这一点），你可以在每个主机（或每个主机）上配置在〜/ .ssh / config 例如，我在〜/ .ssh / config 文件中包含以下这些行：

：

 ＃Git bei Github 
 Host github.com 
 User git 
 IdentityFile〜/ .ssh / svn_id_rsa 
 
＃另存数学家 - 主持人
主持人* .math.hu-berlin.de 
用户ebermann 
 IdentityFile〜/ .ssh / id_rsa 
 ControlMaster auto 
  

I need Capistrano to use 2 different SSH keys. One is for the git repository, one is for the server to deploy to.

Whichever key I rename to id_rsa in my .ssh folder, works. The other one doesn't. If I rename the git key to id_rsa, Capistrano can connect to the git repository, but then can't authenticate at the server to deploy. If I call it something else, it will not be able to connect to the git repo. I know that the other key works, cause I can do ssh -i ~/.ssh/otherKey.pem and it will successfully connect to the server.

This is what I have in my deploy.rb Capistrano file.

ssh_options[:keys] = [
        File.join(ENV["HOME"], ".ssh", "id_rsa"),
        File.join(ENV["HOME"], ".ssh", "deploy")
    ]

ssh_options[:forward_agent] = true 

How can I tell Capistrano to use BOTH the keys? It only seems to use the one called id_rsa.

edit:

Here's the output from Capistrano with the error message:

$ cap yii deploy
  * executing `yii'
Yii
  * executing `deploy'
  * executing `deploy:update'
 ** transaction: start
  * executing `deploy:update_code'
    executing locally: "git ls-remote git@project.beanstalkapp.com:/projectyii.git HEAD"
  * executing "git clone -q git@project.beanstalkapp.com:/projectyii.git /var/www/projectyii-trunk/releases/20110824174629 && cd /var/www/projectyii-trunk/releases/20110824174629 && git checkout -q -b deploy 5e14521285ca04a605353e97bdf31c3a2889dbfb && (echo 5e14521285ca04a605353e97bdf31c3a2889dbfb > /var/www/projectyii-trunk/releases/20110824174629/REVISION)"
    servers: ["yii.project.com"]
    [yii.project.com] executing command
 ** [yii.project.com :: err] Error reading response length from authentication socket.
 ** [yii.project.com :: err] Permission denied (publickey,keyboard-interactive).
 ** [yii.project.com :: err] fatal: The remote end hung up unexpectedly
    command finished
*** [deploy:update_code] rolling back
  * executing "rm -rf /var/www/projectyii-trunk/releases/20110824174629; true"
    servers: ["yii.project.com"]
    [yii.project.com] executing command
    command finished
failed: "sh -c \"git clone -q git@project.beanstalkapp.com:/projectyii.git /var/www/projectyii-trunk/releases/20110824174629 && cd /var/www/projectyii-trunk/releases/20110824174629 && git checkout -q -b deploy 5e14521285ca04a605353e97bdf31c3a2889dbfb && (echo 5e14521285ca04a605353e97bdf31c3a2889dbfb > /var/www/projectyii-trunk/releases/20110824174629/REVISION)\"" on yii.project.com

edit:

Another thing: it totally works fine from my local machine, just not on the deploy server - with exactly the same config files! It seems Capistrano uses the correct keys on my local machine, but not on the deploy machine.

解决方案

Disclaimer: I don't know anything about Capistrano.

If it simply does normal ssh calls (or calls git to do this), you can configure the right key to use in your ~/.ssh/config on a per-host (or per-host-alias) basis.

For example, I have these lines in my ~/.ssh/config file:

# Git bei Github
Host github.com
User git
IdentityFile ~/.ssh/svn_id_rsa

#  Andere Mathe-Hosts
Host *.math.hu-berlin.de
User ebermann
IdentityFile ~/.ssh/id_rsa
ControlMaster auto

这篇关于Capistrano和几个SSH密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！