Capistrano and GitHub Private Repo – Permission denied (publickey)
I've inherited a Rails project, hosted on Linode.
The previous developer was using a BitBucket repository, along with Capistrano for deployments.
I've since setup a private repository on GitHub, and I'm trying to get the Capistrano recipe to work. I'm having no luck. I continue to get a publickey error during deployment.
Here are the steps I've taken –
- Updated the Git remote (origin) URL on the Linode server to point to my new repository
- Updated the repository reference in the Capfile, to reference my new repository
- Ensured
ssh_options[:forward_agent]was set to true in the Capfile - Generated an SSH key locally (id_rsa.pub) and added it to my user account in GitHub
- Executed the
ssh-addcommand, to ensure the identity was added for auth agent - Ran
ssh -T [email protected]to confirm ssh was properly setup locally - Logged into my Linode server and ran
ssh -T [email protected]to ensure it was working also
Additionally, just in case the forward_agent property wasn't working, I even tried generating an SSH key on the Linode server, and adding it to GitHub as well. No luck.
After all of this, when I run cap deploy, I get the following error:
Permission denied (publickey).
fatal: The remote end hung up unexpectedly
Below is the recipe I'm using –
require "bundler/capistrano"
server "----SERVER IP----", :web, :app, :db, primary: true
set :application, "blog"
set :user, "deployer"
set :deploy_to, "/var/www/blog"
set :deploy_via, :remote_cache
set :use_sudo, false
set :scm, "git"
set :repository, "[email protected]:--MY USERNAME--/blog.git"
set :branch, "master"
default_run_options[:pty] = true
ssh_options[:forward_agent] = true
after "deploy", "deploy:cleanup" # keep only the last 5 releases
namespace :deploy do
task :start do; end
task :stop do; end
task :restart, roles: :app, except: {no_release: true} do
run "touch #{deploy_to}/current/tmp/restart.txt"
end
task :setup_config, roles: :app do
sudo "ln -nfs #{current_path}/config/apache.conf /etc/apache2/sites-available/blog"
run "mkdir -p #{shared_path}/config"
put File.read("config/database.example.yml"), "#{shared_path}/config/database.yml"
puts "Now edit the config files in #{shared_path}."
end
after "deploy:setup", "deploy:setup_config"
task :symlink_config, roles: :app do
run "ln -nfs #{shared_path}/config/database.yml #{release_path}/config/database.yml"
run "ln -nfs #{shared_path}/public/avatars #{release_path}/public/avatars"
end
after "deploy:finalize_update", "deploy:symlink_config"
desc "Make sure local git is in sync with remote."
task :check_revision, roles: :web do
unless `git rev-parse HEAD` == `git rev-parse origin/master`
puts "WARNING: HEAD is not the same as origin/master"
puts "Run `git push` to sync changes."
exit
end
end
before "deploy", "deploy:check_revision"
end
I can't seem to figure out where I'm going wrong – any help would be greatly appreciated.
UPDATE
I've also ensured the following was added to my local ~/.ssh/config file...
Host mydomain.com
ForwardAgent yes
Answer
Today I found the root cause on MAC. My ssh key was not added to the authentication agent so the key was not forwarded. The solution was to execute the following command:
ssh-add ~/.ssh/id_dsa
(or ssh-add ~/.ssh/id_rsa if you use rsa key)
To remove all the ssh keys added to agent
ssh-add -D