When I deploy a Rails app to Amazon EC2 server with using Capistrano, I get
** [IP.compute-1.amazonaws.com :: out] Permission denied (publickey).
** [IP.compute-1.amazonaws.com :: out] fatal: The remote end hung up unexpectedly
while executing the
git clone
command.
I think it has something to do with Github keys, but I don't know how to set it up.
I would be grateful for every advise!
Thanks!
EDIT:
I generated the new key on Github, put it into id_rsa.pub and on my EC2 server I created the file .ssh/authorized_keys with this key, but it still doesn't work.
What's wrong with that?
To use ssh agent:
ssh_options[:forward_agent] = true
To use your pem file:
ssh_options[:auth_methods] = ["publickey"]
ssh_options[:keys] = ["/path/to/file.pem"]
To enable agent in your local
$ ssh-add
You will have to execute this command each time, I don't know the scope of 'each time', I added ssh-add to run each time I open a new tab in terminal with echo ssh-add >> ~/.bashrc, depending in your OS and configuration.
The process, as far as I understand is this:
You have an ssh-agent in your local
You connect to server you are deploying with pem file, as you do with ssh, but this time through Capistrano
Remote server uses your agent to use your key to checkout git repo inside deploy machine.
Can you first SSH to your EC2 instance and then second, clone your github repo from the EC2 instance using the ssh keys that are installed on your EC2 instance?
With all of these distributed workflows things can get a little confusing, so let me try and puzzle out what you're doing wrong.
The id_rsa.pub that you installed on Github corresponds with private key. Usually, this is in ~/.ssh/id_rsa This keypair enables a holder of the private key to SSH to github.
.ssh/authorized_keys is an SSH server configuration. authorized_keys contains the public keys (i.e., id_rsa.pub) to enables an SSH server to accept incoming connections from machines with the corresponding private key. The authorized_keys file is not relevant to your cloning issue.
The EC2 instance is trying to contact the Github repository in order to clone the repository from Github, and failing. The EC2 instance needs a private key configured to match up with the corresponding public (Github) key for the account.
Generate a new keypair on the EC2 instance, and add the public key from the new keypair to your Github account.
Related
I'm deploying a rails app on digital ocean, following this link. When I followed the exact steps, it worked perfectly. But then I realized the github repository is public. I should have it as private. I create a private repository and changed the remote origin in my local. I put the ssh keys in the new private repository. Removed the old apps folder in the server. And then tried to clone from the remote repository but it asks for password. (It should have taken the ssh key??).
Also I changed the deploy.rb and nginx.conf to reflect the changes of the remote repository and then gave this command, cap production deploy:initial, but it fails, due to authentication failure in git.
Why does it fail? Why is the ssh key not taking effect?
Maybe it is because you have not enabled ssh forwarding for digital ocean? To verify, first edit the $HOME/.ssh/config on your local pc:
host *
ForwardAgent yes
Now try to run cap production deploy:initial. If it works without a password now, then you should change the host * to actually match the hostname of your ssh host, so ForwardAgent is only set for digital ocean:
host digitalocean.com
ForwardAgent yes
For your use case: ForwardAgent enables the server to use your local ssh keys, so your deploy user has the same "ssh rights" like your local user.
This looks like capistrano is still using the old git remote address. When you change the remote url, it is not enough to do this inside deploy.rb etc, but you have to manually change the file repo/config inside the deployment dir of capistrono on the server when you already deployed it with an old remote url before.
So, if you have the following inside your deploy.rb (or deploy/production.rb)
set :deploy_to, '/var/www/path/to/deploy'
You have to manually edit the file on the server
/var/www/path/to/deploy/repo/config
and amend the url = XXX entry of your remote to match the new one.
I'm trying to clone a current project from Heroku. I was having permission access issues so I removed existing keys, and added my current key:
$ heroku keys:add
Found an SSH public key at /home/martyn/.ssh/id_rsa.pub
Would you like to upload it to Heroku? [Yn] Y
Uploading SSH public key /home/martyn/.ssh/id_rsa.pub... done
$ heroku keys
=== martynbissett#yahoo.co.uk Keys
ssh-rsa AAAAB3NzaC...5VRkk6UVBT martyn#martyn-Lenovo-B590
$ heroku git:clone -a young-lowlands-8336
Cloning from app 'young-lowlands-8336'...
Cloning into 'young-lowlands-8336'...
Agent admitted failure to sign using the key.
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I've check the site is live, and it is. From my Heroku control panel I can see that this project is active too. Why am I still being denied?
This is the response I got back from Heroku, and it seems to work now:
It looks like your local SSH is using a different key than the default one.
Could you try resetting your keys identities to the default with the following command:
ssh-add -D
I am trying to push my rails app to Heroku. When I attempt to push to heroku:
git push heroku master
I get the following error:
! Your account abc#abc.com does not have access to APPNAME
! SSH Key Fingerprint: 8b:ac:.......
fatal: Could not read from remote repository
Please make sure you have the correct access rights and the repository exists.
When I type:
heroku keys
I can see my ssh-rsa key.
What I have tried:
Clear all SSH keys (both heroku and gitHub). Create a new SSH key for GitHub and upload this same SSH key to both Heroku and Github
Opened GitBash and
ssh-add
ssh-add -l
To add and verify only one key:
Login to heroku website and verify only one key at SSH key field
I can push to GitHub fine but not to Heroku. Can anyone please help?
1) Firstly do the heroku keys:add and then try or copy your ssh key and paste it, on the account settings of heroku.
2) Secondly checking that ur this ssh key not be accessed by another heroku app ?
This is my first time using linode and uploading a Rails app to a VPS, so I might of skipped something obvious.
I followed two tutorials
Ryan Bates video to deploying to a vps
and
David's answer on Stackoverflow
I am at the point where I want to deploy my rails app on Linode (Ubuntu 13.10)
When I execute the command bundle exec cap deploy:update
I get the errors that Linode cannot connect to github due to a public key
user:my-app User$ bundle exec cap deploy:update
* 2014-02-12 17:19:46 executing `deploy:update'
** transaction: start
* 2014-02-12 17:19:46 executing `deploy:update_code'
updating the cached checkout on all servers
executing locally: "git ls-remote git#github.com:user/my-app.git master"
Permission denied (publickey).
fatal: The remote end hung up unexpectedly
*** [deploy:update_code] rolling back
* executing "rm -rf /home/user/apps/my-app/releases/20140212091953; true"
servers: ["XXX.XXX.XX.XX"]
[XXX.XXX.XX.XX] executing command
command finished in 4607ms
Command git ls-remote git#github.com:user/my-app.git master returned status code pid 1529 exit 128
On my local machine I have no problem to commit and push my app on Github and I have RSA Keys on my local computer. It just asks me to login with my username and password each time I push my app.
On linode from the shell, I can connect to github by using ssh -vT git#github.com. I do have the RSA keys on the linode server and I added the ssh-agent using ssh-add
my deploy.rb
set :application, "my-app"
set :user, "user"
set :deploy_to, "/home/#{user}/apps/#{application}"
set :deploy_via, :remote_cache
set :use_sudo, false
set :keep_releases, 3
default_run_options[:pty] = true
set :scm, :git
set :repository, "git#github.com:user/#{application}.git"
set :ssh_options, { :forward_agent => true }
# ssh_options[:forward_agent] = true
set :branch, "master"
I am a bit at a loss.
EDIT: I have a private repository
I just moved from Linux to Mac OSx. Thus, I have imported whole .ssh folder from linux to mac. While moving from linux to linux it worked, but to make it work on Mac, I had also to run:
ssh-add
That's the whole fix ;) See http://peteoliveira.com/deploying-with-capistrano-3-failing-permission-denied-publickey/ for more info.
So I found the solution to this github connection. I actually have another problem with the deployment where the bundle install fails. Anyways here is what I learned and I hope it will help others.
What you need to know:
With Capistrano when you wish to push your public or private Github
repository onto your VPS server, you need to make sure that BOTH your
server and your computer has an SSH access with Github.
Even if you can git push origin master it doesn't mean you have SSH
access with Github. Here is how you troubleshoot:
A) Make sure you can SSH access from your computer
Make sure you have Git installed on your machine Set up Git
tutorial
Make sure that you have an SSH Key on your local machine (with Linux
or Mac)
cd ~/.ssh then
ls -a
and look for the files id_rsa and id_rsa.pub
If you don't have these rsa files, follow this tutorial
Generating SSH keys
Copy your SSH key
pbcopy < ~/.ssh/id_rsa.pub
# Copies the contents of the id_rsa.pub file to your clipboard
Login with your browser on http://www.github.com and go to
your_username -> edit profile -> settings -> ssh keys
https://github.com/settings/ssh. Click the button Add keys, add the name that identifies your comptuter and paste the key code that you previously copied.
Make sure you have SSH Agent on. In Terminal type
ssh-add #enter a passphrase if you want to (recommended)
Test if you can SSH with Github
ssh git#github.com
The first time it may ask you to accept the connection.
You should get the following response
PTY allocation request failed on channel 0
Hi username! You've successfully authenticated, but GitHub does not provide shell access.
Connection to github.com closed.
You can also make sure that your id_rsa is properly found by running
ssh -vT git#github.com
# make sure that this line is not -1 (it means it couldn't find the file)
=> debug1: identity file /Users/YOUR_USERNAME/.ssh/id_rsa type 1
Now you shouldn't have permission denied (Public Key)
B) Make sure you can SSH access from your server
Run ssh root#your_server_ip_address if you didn't setup a user on your server or ssh username#your_server_ip_address. You will then be within the server shell and you want to repeat the same process for your computer.
NOTE: The server SSH Keys will be different than your computer. That means that on Github you need to add 2 SSH Keys, one for your computer and one for your server. That is why you need to repeat the process on both machines. Also to keep it simple, do not try to have more than one SSH Key on each machine.
NOTE 2: In your server after you generated your SSH key, to copy it run the command cat ~/.ssh/id_rsa.pub
Once both your computer and the server are accepted on Github, then you can update your rails app using capistrano and your Github repository. Yay!
Trying to deploy my first Rails app to Heroku.
All app code is here:
https://github.com/donpinkus/first_app.
Running heroku create gives me this error:
donaldmbp15:first_app donald$ git push heroku master
Warning: Permanently added the RSA host key for IP address '50.19.85.132' to the list of known hosts.
Connection closed by 50.19.85.132
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
donaldmbp15:first_app donald$
It sounds like something along the line, either Heroku or Github does not have access rights. I've pushed to Github from my local git repo, so I'm ruling out Github as the source of error. That leaves Heroku, or my local machine. Any ideas?
First Generate the RSA key first by following
bash: ssh-keygen -t rsa
Add your key to heroku
bash: heroku keys:add
Read more https://devcenter.heroku.com/articles/keys