Could be wrong but the problem seems to be on SSH's side. First, is 'identity' the name of this file on your system? I know on my debian boxes its 'authorized_keys'
2nd thing to check is your local ssh config (box1) to ensure that the order the different auth schemes is correct. Should be by default, but this is configurable if I recall correctly. 3rd, and not sure if capistrano responds to this (it should) you *could* edit your ~/.ssh/config to force a certain key for a certain host. The Man Page should help you sort this one out. However, consider that you don't need separate keys for the same box. It only adds a modicum of "security". Think of the key pair as unique to each client and use the same one for your various hosts. There is a limit to the number of keys you can have (I think mine maxed out at 10) before weird errors started. After that, I went down to one and life got a lot easier :) Last thing that comes to mind is that if your local keys have odd names (default for me is id_rsa), it might not even be sending the keys and hence defaulting to password auth and might the cause of your issue here. Good Luck! ~ Eric Marden On Tue, May 25, 2010 at 1:43 PM, Ernest Mueller <[email protected]>wrote: > I'm still having a bit of trouble with capistrano and SSH and wanted to > make sure I'm not missing something... > > I am running capistrano from box1. I want to go to box2 (ssh key a) and > box3 (ssh key b). Everything as root. No passphrases on keys. > > Box 1 also uses ssh key a so I set up a .ssh/identity file that's a.pem. I > have b.pem just laying around. So if I > ssh box2 > it goes in just fine. If I > ssh -i b.pem box3 > it also logs in fine. > > I set up a capfile: > > role :foo, "box2" > role :bar, "box3" > > So naturally if I > cap ROLES=foo COMMAND="echo 'hello world'" invoke > it works; if I > cap ROLES=bar COMMAND="echo 'hello world'" invoke > it asks for a password, and fails: > connection failed for: box3 (Net::SSH::AuthenticationFailed: root) > > Now, I want to be able to cap stuff to two different hosts that use two > different keys, ideally, without swapping out my identity file. I think I > should be able to do this: > > config/deploy.rb > ssh_options[:keys] = [File.join(ENV["HOME"], "b.pem")] > > But this doesn't appear to do anything - same deal, it asks for a password > and fails when I don't give one. Is it supposed to? I would really like > to specify other ssh info without editing the actual ssh config stuff, as > my use case is "use this one capistrano installation to distribute stuff to > a variety of hosts using a variety of keys". And the hostnames are pretty > dynamic, so keeping up a long list of > .ssh/config: > host box1 > IdentityFile ~/.ssh/a.pem > host box2 > IdentityFile ~/.ssh/b.pem > > is not desirable. Is there a way to get capistrano to do this or is the > answer "we totally punt to the stock ssh setup?" > > Ernest > ______________________ > UN-altered REPRODUCTION and DISSEMINATION of > this IMPORTANT information is ENCOURAGED. > > > -- > * You received this message because you are subscribed to the Google Groups > "Capistrano" group. > * To post to this group, send email to [email protected] > * To unsubscribe from this group, send email to > [email protected]<capistrano%[email protected]>For > more options, visit this group at > http://groups.google.com/group/capistrano?hl=en > -- * You received this message because you are subscribed to the Google Groups "Capistrano" group. * To post to this group, send email to [email protected] * To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/capistrano?hl=en
