Yes, but the keys don't work that way with gateways, sorry. I've not had time to really examine what you are trying to do, but at least I can say that the gateway is only used for the connection from your machine to the ssh hosts, and have nothing to do with the ssh hosts making further connections (to git repositories, etc)
Lee Hambley -- http://lee.hambley.name/ +49 (0) 170 298 5667 On 18 June 2013 14:25, TheGryzor123 <[email protected]> wrote: > Do you think my code above is correct with 2 keys? We have a key for the > gateway and another one for the private server. > > When I try to deploy, Capistrano says: > > * establishing connection to gateway `"ubuntu@MY_GATEWAY_IP:1122"' > * Creating gateway using ubuntu@MY_GATEWAY_IP:1122 > ** [deploy:update_code] exception while rolling back: > Net::SSH::AuthenticationFailed, ubuntu > authentication failed for `ubuntu' > > > On Tuesday, June 18, 2013 12:57:31 PM UTC+1, Lee Hambley wrote: > >> .pem keys should work FWIW, we use them for some internal projects here >> (EC2, again) - >> >> Lee Hambley >> -- >> http://lee.hambley.name/ >> +49 (0) 170 298 5667 >> >> >> On 18 June 2013 13:56, TheGryzor123 <[email protected]> wrote: >> >>> Thanks so much for your reply. >>> >>> I have to use a gateway because we are using a VPN (private network) and >>> our server are not directly accessible from the net. >>> >>> All our servers require a .pem key to be able to log into, it's a >>> standard procedure on Amazon EC2. So I can SSH from one server to another >>> using the right key and the right port. Of course I suppose that if I omit >>> the key then the connection will be refused ;) >>> >>> I can show you the logs if you want to. >>> >>> On Tuesday, June 18, 2013 1:13:41 AM UTC+1, Michael Richardson wrote: >>>> >>>> TheGryzor123 <[email protected]> wrote: >>>> > Here is the architecture: >>>> >>>> > DeploymentServer --> Gateway --> PrivateServer >>>> >>>> > I don't know Ruby and I'm not a Capistrano expert so could you >>>> tell me if >>>> > there is something wrong in my code? >>>> >>>> > ssh_options[:forward_agent] = true >>>> > set :ssh_options, {:auth_methods => 'publickey'} >>>> >>>> That's the default, as far as I know. >>>> >>>> > ssh_options[:verbose] = :debug >>>> > set :ssh_options, {:keys => ['~/.ssh/GATEWAY_KEY.pem', >>>> > '~/.ssh/PRIVATE_SERVER_KEY.**pem**']} >>>> >>>> I'm not aware of these options. I've never known the implementation to >>>> use >>>> pem encoded keys. Why would you specify the gateways keys? >>>> >>>> > It doesn't work and using this syntax I wonder how Capistrano >>>> could figure >>>> > out which key to use. Using SSH from one server to another it >>>> works. >>>> >>>> Can you please detail, "it works", what specifically works? >>>> I think that if you specify a gateway, that you are telling capistrano >>>> that in order to reach DeploymentServer, it should use Gateway. >>>> I don't think it applies at all to the outgoing ssh to get code. >>>> >>>> Login to DeploymentServer, and configure .ssh/config such that you >>>> can "ssh privateserver" and have it work. You'll want to read the >>>> ssh_config man page, and likely specify a Hostname and Port in the >>>> config for "privateserver" >>>> >>>> >>>> -- >>>> ] Never tell me the odds! | ipv6 mesh >>>> networks [ >>>> ] Michael Richardson, Sandelman Software Works | network >>>> architect [ >>>> ] [email protected] http://www.sandelman.ca/ | ruby on >>>> rails [ >>>> >>>> -- >>> -- >>> * You received this message because you are subscribed to the Google >>> Groups "Capistrano" group. >>> * To post to this group, send email to [email protected] >>> * To unsubscribe from this group, send email to capistrano+...@** >>> googlegroups.com For more options, visit this group at >>> http://groups.google.com/**group/capistrano?hl=en<http://groups.google.com/group/capistrano?hl=en> >>> >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "Capistrano" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to capistrano+...@**googlegroups.com. >>> >>> For more options, visit >>> https://groups.google.com/**groups/opt_out<https://groups.google.com/groups/opt_out> >>> . >>> >>> >>> >> >> -- > -- > * You received this message because you are subscribed to the Google > Groups "Capistrano" group. > * To post to this group, send email to [email protected] > * To unsubscribe from this group, send email to > [email protected] For more options, visit this > group at http://groups.google.com/group/capistrano?hl=en > --- > You received this message because you are subscribed to the Google Groups > "Capistrano" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- -- * You received this message because you are subscribed to the Google Groups "Capistrano" group. * To post to this group, send email to [email protected] * To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/capistrano?hl=en --- You received this message because you are subscribed to the Google Groups "Capistrano" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
