Capistrano Deploy Failing on git:check - Permission denied (publickey)

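Local OS: Windows 10 Pro (using Git Bash as my terminal)

Staging server OS: Ubuntu 16.04 LTS

I have been struggling to get a basic Capistrano deployment working on my staging server. I followed this guide to set up Capistrano.

The deploy process always fails at the git:check stage because it supposedly does not have access to my repository on GitLab. I'm sure that my SSH agent forwarding is working, because I am able to SSH into my server and access GitLab using my SSH key. The SSH key is not stored anywhere on my server: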

$ ssh deploy@myserver.com

deploy@MyServer:~$ ssh -T git@gitlab.com
debug1: client_input_channel_open: ctype auth-agent@openssh.com rchan 2 win 65536 max 16384
debug1: channel 1: new [authentication agent connection]
debug1: confirm auth-agent@openssh.com
Welcome to GitLab, Alexander!debug1: channel 1: FORCE input drain

None of the existing questions about this issue have worked for me so far.

Here are my deploy files:

deploy.rb

set :application, "myapp"
set :branch, "master"
set :repo_url, "git@gitlab.com:MyApp/myapp.git"

# Defaults to false
# Skip migration if files in db/migrate were not modified
set :conditionally_migrate, true

set :ssh_options, { forward_agent: true }

set :rvm_ruby_version, '2.2.6'

# Default deploy_to directory is /var/www/my_app_name
set :deploy_to, "/var/www/#{fetch(:application)}/"
set :deploy_user, "deploy"

# Tells Capistrano to store config/database.yml file inside a directory called /shared, which is meant for any files
# we want to persist between deploys
set :linked_files, fetch(:linked_files, []).push('config/database.yml', 'config/secrets.yml')

# Directories that are meant to persist between deploys, and they will also be stored inside /shared
set :linked_dirs, fetch(:linked_dirs, []).push('bin', 'log', 'tmp/pids', 'tmp/cache', 'tmp/sockets', 'vendor/bundle', 'public/system', 'public/uploads')

# The specs that should be run before deployment is allowed to continue
set :tests, []

# Delayed Job Config: https://github.com/AgileConsultingLLC/capistrano3-delayed-job
set :delayed_job_workers, 3

# Keep the last 5 deploys for rollback purposes
set :keep_releases, 5

namespace :deploy do
  after :restart, :clear_cache do
    on roles(:web), in: :groups, limit: 3, wait: 10 do
      # Here we can do anything such as:
      # within release_path do
      #   execute :rake, 'cache:clear'
      # end
    end
  end
end

staging.rb

set :stage, :staging
set :rails_env, :staging

role :app, %w{deploy@myserver.com}
role :web, %w{deploy@myserver.com}
role :db,  %w{deploy@myserver.com}

Here is my Capistrano debug log when deploying:

$ bundle exec cap staging deploy --trace
** Invoke staging (first_time)
** Execute staging
** Invoke load:defaults (first_time)
** Execute load:defaults
** Invoke rvm:hook (first_time)
** Invoke passenger:rvm:hook (first_time)
** Invoke passenger:test_which_passenger (first_time)
** Execute passenger:test_which_passenger
** Execute passenger:rvm:hook
** Execute rvm:hook
** Invoke rvm:check (first_time)
** Execute rvm:check
rvm 1.29.3 (latest) by Michal Papis, Piotr Kuczynski, Wayne E. Seguin [https://rvm.io]
ruby-2.2.6
ruby 2.2.6p396 (2016-11-15 revision 56800) [x86_64-linux]
** Invoke bundler:map_bins (first_time)
** Invoke passenger:bundler:hook (first_time)
** Execute passenger:bundler:hook
** Execute bundler:map_bins
** Invoke deploy:set_rails_env (first_time)
** Execute deploy:set_rails_env
** Invoke deploy:set_linked_dirs (first_time)
** Execute deploy:set_linked_dirs
** Invoke deploy:set_rails_env
** Invoke deploy (first_time)
** Execute deploy
** Invoke deploy:starting (first_time)
** Execute deploy:starting
** Invoke deploy:check (first_time)
** Invoke git:check (first_time)
** Invoke git:wrapper (first_time)
** Execute git:wrapper
00:00 git:wrapper
      01 mkdir -p /tmp
    ✔ 01 deploy@myserver.com 0.286s
      Uploading /tmp/git-ssh-myapp-staging-localuser.sh 100.0%
      02 chmod 700 /tmp/git-ssh-myapp-staging-localuser.sh
    ✔ 02 deploy@myserver.com 0.277s
** Execute git:check
00:01 git:check
      01 git ls-remote git@gitlab.com:MyApp/myapp.git HEAD
      01 Permission denied (publickey).
      01 fatal: Could not read from remote repository.
      01
      01 Please make sure you have the correct access rights
      01 and the repository exists.
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as deploy@myserver.com: git exit status: 128
git stdout: Nothing written
git stderr: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/runners/parallel.rb:11:in `block (2 levels) in execute'

Caused by:
SSHKit::Command::Failed: git exit status: 128
git stdout: Nothing written
git stderr: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/command.rb:99:in `exit_status='
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/netssh.rb:169:in `execute_command'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:141:in `block in create_command_and_execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:141:in `tap'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:141:in `create_command_and_execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:74:in `execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/git.rb:77:in `git'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/git.rb:38:in `check_repo_is_reachable'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/tasks/git.rake:19:in `block (4 levels) in eval_rakefile'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:93:in `with'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/tasks/git.rake:18:in `block (3 levels) in eval_rakefile'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:29:in `instance_exec'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:29:in `run'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/runners/parallel.rb:12:in `block (2 levels) in execute'
Tasks: TOP => deploy:check => git:check
The deploy has failed with an error: Exception while executing as deploy@myserver.com: git exit status: 128
git stdout: Nothing written
git stderr: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
** Invoke deploy:failed (first_time)
** Execute deploy:failed


** DEPLOY FAILED
** Refer to log/capistrano.log for details. Here are the last 20 lines:


 DEBUG [6b6ba2d0] Finished in 0.471 seconds with exit status 0 (successful).

 DEBUG [c6e2d7dc] Running ~/.rvm/bin/rvm 2.2.6 do ruby --version as deploy@myserver.com

 DEBUG [c6e2d7dc] Command: ~/.rvm/bin/rvm 2.2.6 do ruby --version

 DEBUG [c6e2d7dc]       ruby 2.2.6p396 (2016-11-15 revision 56800) [x86_64-linux]

 DEBUG [c6e2d7dc] Finished in 0.608 seconds with exit status 0 (successful).

  INFO [fd5500a8] Running /usr/bin/env mkdir -p /tmp as deploy@myserver.com

 DEBUG [fd5500a8] Command: /usr/bin/env mkdir -p /tmp

  INFO [fd5500a8] Finished in 0.286 seconds with exit status 0 (successful).

 DEBUG Uploading /tmp/git-ssh-myapp-staging-localuser.sh 0.0%

  INFO Uploading /tmp/git-ssh-myapp-staging-localuser.sh 100.0%

  INFO [f33d4873] Running /usr/bin/env chmod 700 /tmp/git-ssh-myapp-staging-localuser.sh as deploy@myserver.com

 DEBUG [f33d4873] Command: /usr/bin/env chmod 700 /tmp/git-ssh-myapp-staging-localuser.sh

  INFO [f33d4873] Finished in 0.277 seconds with exit status 0 (successful).

  INFO [86d3cd5a] Running /usr/bin/env git ls-remote git@gitlab.com:MyApp/myapp.git HEAD as deploy@myserver.com

 DEBUG [86d3cd5a] Command: ( export GIT_ASKPASS="/bin/echo" GIT_SSH="/tmp/git-ssh-myapp-staging-localuser.sh" ; /usr/bin/env git ls-remote git@gitlab.com:MyApp/myapp.git HEAD )

 DEBUG [86d3cd5a]       Permission denied (publickey).

 DEBUG [86d3cd5a]       fatal: Could not read from remote repository.



Please make sure you have the correct access rights

and the repository exists.

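I have manually tried running the commands that Capistrano is attempting, both locally and on my remote server, and they all succeed. I'm really stuck, and any help is greatly appreciated!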

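Follow the steps below to add the public key to the list of deploy keys in the repository settings:

Local machine setup:

  1. Check whether your local system has a ~/.ssh/id_rsa.pub key file. If not, create a new one: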

    $ ssh-keygen -t rsa
    
  2. Add the newly created public key ~/.ssh/id_rsa.pub to the repository's deploy (access) keys in its settings:

  3. Load the key into ssh-agent:

    Check whether ssh-agent is running; if not, start the SSH agent:

    $ ssh-agent /bin/bash
    

    Add the id_rsa key to the agent:

    $ ssh-add ~/.ssh/id_rsa
    

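    Note: Sometimes this step (step 3) needs to be done before every deploy, if you get an "Access denied to repository" error while deploying.

  4. Add your local SSH key to the deploy server's authorized keys file (remember to replace the port number with your custom one):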

    $ cat ~/.ssh/id_rsa.pub | ssh -p port_num user@server_ip 'cat >> ~/.ssh/authorized_keys'
    

Ref: https://www.digitalocean.com/community/tutorials/deploying-a-rails-app-on-ubuntu-14-04-with-capistrano-nginx-and-puma

deploy.rb

Try changing ssh_options in your deploy.rb file as follows:

set :ssh_options, { forward_agent: true, user: "deploy", auth_methods: ['publickey'], keys: %w(~/.ssh/privatekey.pem) }

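Replace ~/.ssh/privatekey.pem with the path to your SSH private key file.

Deploy:

Just run cap staging deploy to deploy to the server.

Replace staging in the cap deploy command with the required environment.

Based on your cap deploy output, the SSH connection from your laptop to the server does not appear to be the problem.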

00:00 git:wrapper
      01 mkdir -p /tmp
    ✔ 01 deploy@myserver.com 0.286s
      Uploading /tmp/git-ssh-myapp-staging-localuser.sh 100.0%
      02 chmod 700 /tmp/git-ssh-myapp-staging-localuser.sh
    ✔ 02 deploy@myserver.com 0.277s 

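The problem occurs when Capistrano tries to run git ls-remote git@gitlab.com:MyApp/myapp.git HEAD over SSH.

You need to add your public key to the SSH keys in GitLab, because SSH agent forwarding requires the public key to be installed on all target systems. In your case, GitLab is a target system.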

cat ~/.ssh/id_rsa.pub    # Copy the contents of your public key(filename may be different)

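Log in to GitLab, then paste the public key into your repository's SSH keys (found in the repository settings), and that should do it.

You also need to specify, in ssh_options, the user who created the SSH key.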

set :ssh_options, {
    forward_agent: true,
    user: 'deploy',
}

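You also need to define the remote server's public key on the repository. Apparently your computer can access the repository, but the server cannot.

To get the default public key, you can look at ~/.ssh/id_rsa.pub, or you can generate one with ssh-keygen -t rsa -b 4096 -C "your_email@example.com". Don't forget to also use ssh-add on the server to initialize the public key.

Hope this helps.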

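Thanks to everyone who answered, I managed to find a solution! The culprit was Git Bash: for whatever reason, when I ran chmod 700 ~/.ssh, it did not change the permissions of my ~/.ssh directory to 0700. This prevented SSH agent forwarding from working when Capistrano was deploying, but not when I manually SSHed into my server. I decided to try Bash on Ubuntu on Windows (BUW) instead of Git Bash, and sure enough, my deploy succeeded! I copied the same configuration and keys from Git Bash to BUW. The only difference is that I was able to change the permissions of BUW's ~/.ssh directory to 0700. That being said, here is the solution to my problem:

1. Create a deploy key and add it to GitLab

As @Onur, @grizzthedj and @Gokul M pointed out, I needed to create a deploy key for GitLab and authorize it on my server. Here is how I did it: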

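  1. Generate a new SSH key on my local machine: ssh-keygen -t rsa -b 4096
  2. Copy the output of the public key: cat ~/.ssh/id_rsa.pub
  3. SSH into my server
  4. Add the public key to the end of ~/.ssh/authorized_keys
  5. Back on my local machine, open a browser, log in to GitLab, go to my repository page, and paste the public key into Settings > Repository > Deploy Keys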

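2. Use BUW instead of Git Bash

  1. On my local machine, I set up BUW to start the SSH agent on session load, using the instructions in this SO answer.
  2. Change the permissions of ~/.ssh: chmod 700 ~/.ssh
  3. Start the SSH agent and add my deploy key to it: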

    eval $(ssh-agent -s)
    ssh-add ~/.ssh/id_rsa
    

I have removed the set :ssh_options line from my deploy.rb file, since it works fine without it.

That's it! Looks like I'll be deploying with BUW from now on.
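
The permission and agent checks described in the answer above can be run as a preflight before deploying. This is an added example, not part of the original answers and not Capistrano or SSHKit code; the function names are hypothetical, and it assumes a POSIX filesystem (Linux, macOS or Bash on Ubuntu on Windows) where mode bits are meaningful.

```ruby
# Added example: local preflight before `cap staging deploy` (hypothetical helper names).
require 'open3'

# Permission bits of a path (e.g. 0o700), or nil if the path does not exist.
def mode_of(path)
  File.exist?(path) ? File.stat(path).mode & 0o777 : nil
end

# Problems with the SSH directory and the private key inside it.
def ssh_dir_problems(ssh_dir, key_name = 'id_rsa')
  dir_mode = mode_of(ssh_dir)
  return ["#{ssh_dir} does not exist"] if dir_mode.nil?
  problems = []
  # Any group/other bit means `chmod 700` did not take effect.
  problems << format('%s is %04o, expected 0700', ssh_dir, dir_mode) if (dir_mode & 0o077) != 0
  key_mode = mode_of(File.join(ssh_dir, key_name))
  if key_mode.nil?
    problems << "#{key_name} not found in #{ssh_dir}"
  elsif (key_mode & 0o077) != 0
    problems << format('%s is %04o, expected 0600', key_name, key_mode)
  end
  problems
end

# Maps the exit status of `ssh-add -l` to what it says about the agent.
def agent_state(exit_status)
  case exit_status
  when 0 then :keys_loaded        # agent reachable, at least one identity
  when 1 then :no_identities      # agent reachable but empty: run ssh-add
  when 2 then :agent_unreachable  # no usable SSH_AUTH_SOCK: start ssh-agent
  else :unknown
  end
end

# Runs both checks for the current user; returns [] when everything is fine.
def preflight(ssh_dir = File.join(ENV.fetch('HOME', '.'), '.ssh'))
  problems = ssh_dir_problems(ssh_dir)
  state = begin
    _out, status = Open3.capture2e('ssh-add', '-l')
    agent_state(status.exitstatus)
  rescue Errno::ENOENT
    :ssh_add_missing
  end
  problems << "ssh-agent: #{state}" unless state == :keys_loaded
  problems
end
if $PROGRAM_NAME == __FILE__
  problems = preflight
  puts problems.empty? ? 'preflight ok' : problems
end
```

Running `ssh-add -l` on the server inside a forwarded session and reading its exit status the same way shows whether the agent actually arrived there.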

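For those looking for an alternative in the future:

Most searches on this issue suggest adding SSH keys. If you are sure they have already been added, ssh -T git@bitbucket.org (or whatever git service you are using) shows you as logged in, and agent forwarding is set up, then an alternative that worked for me when I hit the same issue on Windows is to install PuTTY. After installing:

  • Open PuTTYGen > Conversions > Import Key (if you have a key you want to use; otherwise, generate a new one)
  • Run Pageant (included with PuTTY)
  • Find Pageant in the system tray, right-click, "Add key"
  • Add the key from above
  • Run cap deploy as before

I found this method in another SO post about r, so ostensibly it works in those situations, also. This is probably because

I had a similar problem, and for me all I had to do was add my SSH key to GitHub. Documentation for this process can be found here: https://docs.github.com/en/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account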