Hi Guys, We have a similar setup working i.e. deployment to a target server through gateway server. We are using Webistrano for our deployments that uses capistrano recipes to handle the deployments. Regardless of the software (Webistrano), I think if you implement the same flow, you most probably will have success.
Here is the setup: Deployment server (DS): The server from where you will trigger the deployment. Gateway Server (GW): The server that you will use to access the target server Target server (TS): The server where your deployments take place. We have implemented password-less authentication i.e. ssh key based authentication. This make your life a lot easier. So what you can do is: Create a user e.g. 'capistrano' on DS, generate its ssh keys using ssh-keygen. Copy this user's id_rsa.pub (the public key, inside the .ssh directory). Create same user on GW, generate its ssh keys using ssh-keygen. Add DS user's public key to GW user's authorized keys (authorized_keys files under .ssh folder) Test the ssh access from DS to GW, should work. Create same user on TS, generate its ssh keys using ssh-keygen. Add DS user's public key to TS user's authorized keys (authorized_keys files under .ssh folder) That's all you need. Modify the recipe accordingly to set the user/gateway accordingly and test your setup. Hope this helps! -Noman A. On Thu, May 24, 2012 at 10:34 PM, Irish <[email protected]> wrote: > Hey Cory, > I have to implement a similiar setup to yours, where theres a gateway > server between me and the deployment server. Did you ever get this working? > > > > On Monday, April 16, 2012 6:34:29 PM UTC-7, Cory Foy wrote: >> >> Hi All, >> >> I have a not-so-abnormal setup of a server which is behind a gateway. >> The gateway access is available with SSH, and once there, I can ssh to >> the target server without a password. >> >> The gateway and target servers have different usernames (target is >> running as root - I know, I didn't set it up). I've read many article >> on Gateway setup, and have something like this: >> >> config/deploy.rb >> set :gateway, "dialup.ssh.server" >> set :user "my_user_name" >> set :ssh_options, {:forward_agent => true} >> #other options >> >> config/deploy/staging.rb >> server "internal.server", :app, :web, :db, :primary => true, :user => >> 'root' >> #other options >> >> When I run cap deploy:setup it connects to the gateway fine, then it >> attempts to connect to my internal server, which fails with a >> Net::SSH::**AuthenticationFailed: root error. >> >> What I've tried: >> server "internal.server", :app, :web, :db, :primary => true, :user => >> 'root', :password => nil >> server "internal.server", :app, :web, :db, :primary => true, :user => >> 'root', :auth_methods => ["publickey", "hostbased"] >> >> Any other suggestions? >> >> Cory >> > -- > * You received this message because you are subscribed to the Google > Groups "Capistrano" group. > * To post to this group, send email to [email protected] > * To unsubscribe from this group, send email to > [email protected] For more options, visit this > group at http://groups.google.com/group/capistrano?hl=en -- * You received this message because you are subscribed to the Google Groups "Capistrano" group. * To post to this group, send email to [email protected] * To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/capistrano?hl=en
