On 4/23/09 2:11 AM, martins wrote: > Jamis, > > It does not work with the -N option, I´m not getting the login prompt > on the gateway.
Right...that's the point. All you need the gateway for is the tunnelled connection in the next command. You don't need the shell. So you do it with the -N, like I said, and let it sit there. Then, in a new terminal window, you try the second command. > I´ve tried adding this option, without luck. > ssh_options[:keys] = %w(.ssh/id_rsa-target) Don't forget the ~ to say it's relative to your home directory: %w(~/.ssh/id_rsa-target) - Jamis > > > -- > Martins > > On Apr 22, 3:46 pm, Jamis Buck<[email protected]> wrote: >> Gateway access via capistrano is not the same as logging into the target >> machine from the gateway machine. What capistrano does is open a >> forwarded connection from your workstation directly to the target >> machine, via the gateway. >> >> It's the same as doing something like this: >> >> # in one terminal window: >> workstation$ ssh -N -L 1234:target:22 gateway >> >> # in another terminal window: >> workstation$ ssh -p 1234 localhost >> >> What that does is open a forwarded port from workstation (port 1234) to >> target (port 22), via an ssh connection to gateway. Then, it opens an >> ssh connection on workstation (port 1234), which is then forwarded to >> target. If that approach works for you without a password, then it >> should work for capistrano without a password, too. >> >> - Jamis >> >> On 4/22/09 6:57 AM, martins wrote: >> >>> Hi, >>> I´m trying to deploy to target-server from workstation trough gateway- >>> server. >>> workstation$ ssh gateway # Lets me inn without asking for >>> password >>> gateway$ ssh target # Grants access without password. >>> I´m using ~/.ssh/id_rsa in both cases, but they are not identical. >>> deploy.rb >>> set :repository, "[email protected]:project.git" >>> set :scm, "git" >>> set :user, "martins" >>> ssh_options[:config]=false >>> ssh_options[:auth_methods] = "publickey" >>> ssh_options[:verbose] = :debug >>> set :gateway, 'mart...@gateway-server' >>> role :app, "target-server" >>> role :web, "target-server" >>> role :db, "target-server", :primary => true >>> workstation$ cap deploy * Creating gateway using mart...@gateway- >>> server >>> DEBUG -- net.ssh.transport.session[90b3e8]: establishing connection to >>> gateway-server:22 >>> DEBUG -- net.ssh.transport.session[90b3e8]: connection established >>> [snipp..] >>> DEBUG -- net.ssh.authentication.methods.publickey[903634]: publickey >>> succeeded >>> * establishing connection to `target-server' via gateway >>> DEBUG -- net.ssh.transport.session[900b28]: establishing connection to >>> 127.0.0.1:65533 >>> DEBUG -- net.ssh.authentication.session[8f3720]: allowed methods: >>> publickey,password >>> ERROR -- net.ssh.authentication.session[8f3720]: all authorization >>> methods failed (tried publickey) >>> *** [deploy:update_code] rolling back >>> * executing "rm -rf /var/sites/matrix-ai/releases/20090422103117; >>> true" >>> servers: ["target-server"] >>> * establishing connection to `target-server' via gateway >>> DEBUG -- net.ssh.transport.session[8ee1b2]: establishing connection to >>> 127.0.0.1:65532 >>> DEBUG -- net.ssh.transport.session[8ee1b2]: connection established >>> INFO -- net.ssh.transport.server_version[8edcee]: negotiating >>> protocol version >>> DEBUG -- net.ssh.service.forward[901366]: received connection on >>> 127.0.0.1:65532 >>> INFO -- net.ssh.connection.session[901636]: >>> channel_open_confirmation: 1 1 2097152 32768 >>> INFO -- net.ssh.connection.channel[8eda82]: direct channel >>> established >>> DEBUG -- net.ssh.transport.server_version[8edcee]: remote is `SSH-2.0- >>> OpenSSH_4.7p1 Debian-8ubuntu1.2' >>> DEBUG -- net.ssh.transport.server_version[8edcee]: local is `SSH-2.0- >>> Ruby/Net::SSH_2.0.11 i686-darwin9' >>> DEBUG -- net.ssh.authentication.session[8e0eea]: beginning >>> authentication of `martins' >>> DEBUG -- net.ssh.authentication.session[8e0eea]: trying publickey >>> DEBUG -- net.ssh.authentication.agent[8dee4c]: connecting to ssh-agent >>> DEBUG -- net.ssh.authentication.agent[8dee4c]: sending agent request 1 >>> len 45 >>> DEBUG -- net.ssh.authentication.agent[8dee4c]: received agent packet 2 >>> len 5 >>> DEBUG -- net.ssh.authentication.agent[8dee4c]: sending agent request >>> 11 len 0 >>> DEBUG -- net.ssh.authentication.agent[8dee4c]: received agent packet >>> 12 len 5 >>> DEBUG -- net.ssh.authentication.methods.publickey[8dee88]: trying >>> publickey >>> DEBUG -- net.ssh.connection.channel[8eda82]: read 372 bytes from >>> client, sending over local forwarded connection >>> INFO -- net.ssh.connection.session[901636]: channel_data: 1 68b >>> DEBUG -- net.ssh.authentication.session[8e0eea]: allowed methods: >>> publickey,password >>> ERROR -- net.ssh.authentication.session[8e0eea]: all authorization >>> methods failed (tried publickey) >>> ** [deploy:update_code] exception while rolling back: >>> Capistrano::ConnectionError, connection failed for: target-server >>> (Net::SSH::AuthenticationFailed: martins) >>> connection failed for: target-server (Net::SSH::AuthenticationFailed: >>> martins) >>> ~/.ssh/config is empty on both gateway and workstation. >>> Any idea why this fails? Can I provide more information? >>> Cheers, >>> Martin Stabenfeldt >> > > --~--~---------~--~----~------------~-------~--~----~ To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/capistrano -~----------~----~----~----~------~----~------~--~---
