Git Product home page Git Product logo

Comments (9)

charlieartist avatar charlieartist commented on May 27, 2024 1

@mattbrictson It may also be good to give alternate instructions for users who aren't using gemfiles in projects, and aren't that well-versed in Ruby. Would something like this work?
gem install 'bcrypt_pbkdf:<2.0' 'ed25519:<2.0'

from capistrano.

mattbrictson avatar mattbrictson commented on May 27, 2024 1

Capistrano actually uses the net-ssh gem for SSH, not OpenSSH. Can you run irbto start a Ruby console and then test the following (substitute xxx.xx.xxx.xxx with your action hostname)?

$ irb
>> require "net/ssh"
true
>> Net::SSH.start("xxx.xx.xxx.xxx", "deploy")

If you still get a Net::SSH::AuthenticationFailed exception, then this is probably a net-ssh issue and not a capistrano one.

from capistrano.

tacerus avatar tacerus commented on May 27, 2024

Hi, I just opened an issue (capistrano/sshkit#495) and then found yours - could you elaborate on updating Net-SSH manually? I wonder if it is related to my situation and would like to give it a try. I installed Capistrano in RVM, does that make a difference? My apologies if these are rookie questions - I rarely work with Ruby but try to utilize Capistrano more.

from capistrano.

mattbrictson avatar mattbrictson commented on May 27, 2024

Capistrano uses net-ssh, and net-ssh has chosen not to include ed25519 support by default. To enable it, you have to install two additional gems, like this:

gem "bcrypt_pbkdf", require: false
gem "ed25519", require: false

If you don't do this, then net-ssh should helpfully print an error message when you try to connect using an ed25519 key:

net-ssh requires the following gems for ed25519 support:
 * ed25519 (>= 1.2, < 2.0)
 * bcrypt_pbkdf (>= 1.0, < 2.0)
See https://github.com/net-ssh/net-ssh/issues/565 for more information

Is this the "having to update net-ssh manually" that you mentioned?

Since ed25519 is very common these days (as you pointed out), we could document this better in the Capistrano README, something I proposed in #1825. Would that be a good solution?

from capistrano.

tacerus avatar tacerus commented on May 27, 2024

Thank you!
Yes, that is what I meant. It looks like my issue is not related however, I still receive the same output, and it does not show the useful error message you pointed out. But it was worth a try!

from capistrano.

mattbrictson avatar mattbrictson commented on May 27, 2024

gem install 'bcrypt_pbkdf:<2.0' 'ed25519:<2.0'

@charlieartist yes, that should work.

from capistrano.

DaniG2k avatar DaniG2k commented on May 27, 2024

I think I've encountered an issue related to this. My server has an id_ed25519 key. When I try to deploy with cap production deploy I am seeing the following error:

#<Thread:0x0000000109077510 /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:10 run> terminated with exception (report_on_exception is true):
/Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute': Exception while executing as [email protected]: Authentication failed for user [email protected] (SSHKit::Runner::ExecuteError)
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:11:in `block (2 levels) in execute'
/Users/me/.rvm/gems/ruby-3.1.2/gems/net-ssh-6.1.0/lib/net/ssh.rb:268:in `start': Authentication failed for user [email protected] (Net::SSH::AuthenticationFailed)
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/connection_pool.rb:63:in `call'
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/connection_pool.rb:63:in `with'
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/netssh.rb:177:in `with_ssh'
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/netssh.rb:130:in `execute_command'
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:148:in `block in create_command_and_execute'
        from <internal:kernel>:90:in `tap'
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:148:in `create_command_and_execute'
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:61:in `test'
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/capistrano-passenger-0.2.1/lib/capistrano/tasks/passenger.cap:43:in `block (3 levels) in <top (required)>'
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:31:in `instance_exec'
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/backends/abstract.rb:31:in `run'
        from /Users/me/.rvm/gems/ruby-3.1.2/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:12:in `block (2 levels) in execute'
(Backtrace restricted to imported tasks)
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as [email protected]: Authentication failed for user [email protected]


Caused by:
Net::SSH::AuthenticationFailed: Authentication failed for user [email protected]

Tasks: TOP => rvm:hook => passenger:rvm:hook => passenger:test_which_passenger

I can't figure out why this is happening, but my guess is that it has something to do with OpenSSH and ed25519 encryption 🤔

from capistrano.

DaniG2k avatar DaniG2k commented on May 27, 2024

Thanks, yes it seems to be a net-ssh problem in that case 🤔 I've raised an issue there.

from capistrano.

antarr avatar antarr commented on May 27, 2024

I'm running into a simalar error. But it's not attempting to use the key. I being prompted for a password that is not accepted.

 bundle exec cap production deploy:check
/Users/antarr/.rbenv/versions/3.0.1/lib/ruby/3.0.0/digest.rb:6: warning: already initialized constant Digest::REQUIRE_MUTEX
/Users/antarr/.rbenv/versions/3.0.1/lib/ruby/gems/3.0.0/gems/digest-3.1.0/lib/digest.rb:20: warning: previous definition of REQUIRE_MUTEX was here
[email protected]'s password:
[email protected]'s password:(Backtrace restricted to imported tasks)
cap aborted!
Interrupt: 
set :ssh_options, {
  forward_agent: true,
  user: fetch(:user),
  keepalive: true,
  keys: %w(~/.ssh/id_rsa ~/.ssh/id_ed25519),
}

from capistrano.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.