On Jan 25, 2007, at 11:10 AM, Paul Stadig wrote:
>
> I figured out a hack to get it to work using a monkey patch in my
> deploy.rb file:
>
> class Capistrano::SCM::Base
> private
> alias_method :run_checkout_old, :run_checkout
> def run_checkout(actor, guts, &block)
> run_checkout_old(actor, "eval `keychain --eval id_rsa` && #
> {guts}",
> &block)
> end
> end
That works. A cleaner alternative is to change your sshd
configuration to allow user conf files for non-interactive sessions.
I believe that technique has been mentioned on this list before, you
might try searching and see if you come up with any hits.
>
> I would rather hear better alternatives if there are any. Additionally
> I think I found a bug in Capistrano, I was getting the error
>
> * querying latest revision...
> Permission denied (publickey,keyboard-interactive).
> svn: Connection closed unexpectedly
>
> and I assumed it was a problem with the ssh-agent on my app server
> when
> it was trying to check out the code. It is actually a problem on my
> local machine, and I think it is because the svn_log method on the
> SCM::Subversion class is not using the :subversion_username config. My
> username on my local machine is different than the username on my SVN
> server.
Good catch. I'll get that fixed.
- Jamis
>
> At least I think that's the problem, but I may be wrong?
>
>
> Paul
>
> On Jan 25, 11:09 am, "Paul Stadig" <[EMAIL PROTECTED]> wrote:
>> I've search through the group, and I've been trying to figure out
>> a way
>> to setup public/private key deployment for my particular situation.
>>
>> My SVN server is separate from my app server, and it requires public
>> key auth. I understand that Net::SSH does not support agent
>> forwarding,
>> so I figured I have two options: 1) create a passwordless key just
>> for
>> checking out from SVN (not totally desirable), or 2) setup a long
>> running ssh-agent using keychain
>> (http://www.gentoo.org/proj/en/keychain/).
>>
>> I've tried adding keychain to different files on my SVN server
>> (~/.bashrc, ~/.bash_profile, /etc/bash.bashrc, /etc/profile), but I'm
>> never able to get the ssh-agent environment variables to work with
>> capistrano. I'm not sure if the way capistrano is connecting it isn't
>> sourcing my .bashrc file or something?
>>
>> I've even tried running keychain in my before_update_code to set the
>> environment variables:
>>
>> task :before_update_code do
>> run 'env'
>> run 'keychain id_rsa' do |channel, stream, data|
>> if data =~ /^Enter passphrase/
>> $stdout.write("Please enter your SSH key password: ")
>> pwd = $stdin.readline
>> $stdout.puts pwd
>> channel.send_data pwd
>> end
>> end
>> run 'env'
>> end
>>
>> This works in the sense that the next time I log in to my SVN server
>> keychain automatically picks up my ssh key, but the capistrano
>> session
>> does not seem to pick up the environment variables for the ssh-agent.
>>
>> So, capistrano won't pick up the environment variables from my
>> profile,
>> and I can't inject environment variables into the capistrano session.
>> Does any one know how to accomplish either of these two?
>>
>> TIA,
>> Paul
>
>
> >
--~--~---------~--~----~------------~-------~--~----~
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/capistrano
-~----------~----~----~----~------~----~------~--~---
