Comments (9)
@mattbrictson It may also be good to give alternate instructions for users who aren't using gemfiles in projects, and aren't that well-versed in Ruby. Would something like this work?
gem install 'bcrypt_pbkdf:<2.0' 'ed25519:<2.0'
from capistrano.
Capistrano actually uses the net-ssh gem for SSH, not OpenSSH. Can you run irb
to start a Ruby console and then test the following (substitute xxx.xx.xxx.xxx with your action hostname)?
$ irb
>> require "net/ssh"
true
>> Net::SSH.start("xxx.xx.xxx.xxx", "deploy")
If you still get a Net::SSH::AuthenticationFailed
exception, then this is probably a net-ssh issue and not a capistrano one.
from capistrano.
Hi, I just opened an issue (capistrano/sshkit#495) and then found yours - could you elaborate on updating Net-SSH manually? I wonder if it is related to my situation and would like to give it a try. I installed Capistrano in RVM, does that make a difference? My apologies if these are rookie questions - I rarely work with Ruby but try to utilize Capistrano more.
from capistrano.
Capistrano uses net-ssh, and net-ssh has chosen not to include ed25519 support by default. To enable it, you have to install two additional gems, like this:
gem "bcrypt_pbkdf", require: false
gem "ed25519", require: false
If you don't do this, then net-ssh should helpfully print an error message when you try to connect using an ed25519 key:
net-ssh requires the following gems for ed25519 support:
* ed25519 (>= 1.2, < 2.0)
* bcrypt_pbkdf (>= 1.0, < 2.0)
See https://github.com/net-ssh/net-ssh/issues/565 for more information
Is this the "having to update net-ssh manually" that you mentioned?
Since ed25519 is very common these days (as you pointed out), we could document this better in the Capistrano README, something I proposed in #1825. Would that be a good solution?
from capistrano.
Thank you!
Yes, that is what I meant. It looks like my issue is not related however, I still receive the same output, and it does not show the useful error message you pointed out. But it was worth a try!
from capistrano.
gem install 'bcrypt_pbkdf:<2.0' 'ed25519:<2.0'
@charlieartist yes, that should work.
from capistrano.
I think I've encountered an issue related to this. My server has an id_ed25519
key. When I try to deploy with cap production deploy
I am seeing the following error:
#<Thread:0x0000000109077510 /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:10 run> terminated with exception (report_on_exception is true):
/Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute': Exception while executing as [email protected]: Authentication failed for user [email protected] (SSHKit::Runner::ExecuteError)
from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:11:in `block (2 levels) in execute'
/Users/me/.rvm/gems/ruby-3.1.2/gems/net-ssh-6.1.0/lib/net/ssh.rb:268:in `start': Authentication failed for user [email protected] (Net::SSH::AuthenticationFailed)
from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/connection_pool.rb:63:in `call'
from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/connection_pool.rb:63:in `with'
from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/netssh.rb:177:in `with_ssh'
from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/netssh.rb:130:in `execute_command'
from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:148:in `block in create_command_and_execute'
from <internal:kernel>:90:in `tap'
from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:148:in `create_command_and_execute'
from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:61:in `test'
from /Users/me/.rvm/gems/ruby-3.1.2/gems/capistrano-passenger-0.2.1/lib/capistrano/tasks/passenger.cap:43:in `block (3 levels) in <top (required)>'
from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:31:in `instance_exec'
from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:31:in `run'
from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:12:in `block (2 levels) in execute'
(Backtrace restricted to imported tasks)
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as [email protected]: Authentication failed for user [email protected]
Caused by:
Net::SSH::AuthenticationFailed: Authentication failed for user [email protected]
Tasks: TOP => rvm:hook => passenger:rvm:hook => passenger:test_which_passenger
I can't figure out why this is happening, but my guess is that it has something to do with OpenSSH and ed25519 encryption 🤔
from capistrano.
Thanks, yes it seems to be a net-ssh problem in that case 🤔 I've raised an issue there.
from capistrano.
I'm running into a simalar error. But it's not attempting to use the key. I being prompted for a password that is not accepted.
bundle exec cap production deploy:check
/Users/antarr/.rbenv/versions/3.0.1/lib/ruby/3.0.0/digest.rb:6: warning: already initialized constant Digest::REQUIRE_MUTEX
/Users/antarr/.rbenv/versions/3.0.1/lib/ruby/gems/3.0.0/gems/digest-3.1.0/lib/digest.rb:20: warning: previous definition of REQUIRE_MUTEX was here
[email protected]'s password:
[email protected]'s password:(Backtrace restricted to imported tasks)
cap aborted!
Interrupt:
set :ssh_options, {
forward_agent: true,
user: fetch(:user),
keepalive: true,
keys: %w(~/.ssh/id_rsa ~/.ssh/id_ed25519),
}
from capistrano.
Related Issues (20)
- Ruby 3.1: Can't run rubocop on capistrano repo HOT 1
- Can't continue deploying after for while via capistrano HOT 1
- Authentication failed for user HOT 1
- When I was running this "" command it showing error I don't understand why this error showing I was try to deploy with Jenkins pipeline, and I also add my public key deployment server still this error show (-t for tag)
- When I was running this "bundle exec cap demo deploy -t latest" command it showing error, I was try to deploy with Jenkins pipeline and my public ssh key add deploy server ERROR: SSHKit::Runner::ExecuteError: HOT 1
- Git CVE-2022-24765 and `safe.directory` Exceptions with Multiple Users HOT 6
- Documentation references the deprecated :scm variable HOT 2
- rsync instead of scp? HOT 2
- Default scm branch to "main" HOT 1
- If there is no way deploy with capistrano? [GitHub action] HOT 2
- Connection stale when running a command that takes ~4 hours to finish HOT 1
- Capistrano deletes last working deployment if recovering from too many failures HOT 1
- Deployment fail on precompile -> compilation step. Possible memory leak? HOT 3
- Deploying a new app to a staging server won't start/restart puma/systemd HOT 1
- Switch from CircleCI to GitHub Actions
- Danger CI job doesn't run on PRs from forks
- Security issue reported to [email protected]
- Docs bug HOT 2
- Deployment fails with Ruby 3.3.0-rc1 HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from capistrano.