如何配置 capistrano 使用本地 rsa 密钥而不是 ssh 代理
我使用 capistrano 使用位于 ~/.ssh/id_rsa 的本地 rsa 密钥来部署我的项目。这总是按预期工作。
现在我在新计算机上安装了开发环境,现在当我运行 cap ...deploy 时,出现以下错误:
仅当 ED25519 可用时才支持 OpenSSH 密钥 (NotImplementedError) net-ssh 需要以下 gem 来支持 ed25519:
- ed25519(>= 1.2,<2.0)
- bcrypt_pbkdf(>= 1.0,<2.0)
我在谷歌搜索时发现了很多关于此的问题。大多数人建议运行 ssh-add ~/.ssh/id_rsa 来将密钥添加到 ssh 代理,有些人建议安装列出的两个 gem 并使用 ed25519 密钥。
我从那里了解到,capistrano 正在寻找存储在 ssh 代理中的密钥,然后回退到使用 ed25519 密钥。我需要的是 capistrano 只是使用位于 ~/.ssh/id_rsa 的本地 ssh 密钥。
我没有找到如何告诉 capistrano 使用本地 ssh 密钥 ~/.ssh/id_rsa 而不是 ssh 代理。
注释
我在 Windows 上使用 cygwin,并且安装永久 ssh 代理很棘手。我找到了冗长的说明,但没有让它发挥作用。
作为解决方法,我在 cap ...deploy 之前运行这些命令
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
长问题简短
如何配置 capistrano 或 ssh 来实现 cap ...deploy< /code> 在 ~/.ssh/id_rsa 选择 RSA 密钥来连接到远程服务器?
I used capistrano to deploy my project using my local rsa key located at ~/.ssh/id_rsa. This always worked as expected.
Now I installed the development environment on a new computer, and now when I run cap ... deploy, I get this error:
OpenSSH keys only supported if ED25519 is available (NotImplementedError)
net-ssh requires the following gems for ed25519 support:
- ed25519 (>= 1.2, < 2.0)
- bcrypt_pbkdf (>= 1.0, < 2.0)
I found plenty of questions about this while googling. Most suggest to run ssh-add ~/.ssh/id_rsa to add the key to the ssh agent, some suggest to install the two listed gems and use a ed25519 key.
I understand from there, that capistrano is looking for a key stored in the ssh agent, and then falls back to using an ed25519 key. What I need is that capistrano simply is using the local ssh key located at ~/.ssh/id_rsa.
I didn't find how to tell capistrano to use the local ssh key ~/.ssh/id_rsa instead of the ssh agent.
Notes
I am using cygwin on Windows, and the installation of a permanent ssh agent is tricky. I found lengthy instructions, but did not get it to work.
As a workaround, I run these commands before cap ... deploy
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
Long question short
How can I configure capistrano or ssh that way that cap ... deploy picks the RSA key at ~/.ssh/id_rsa to connect to the remote server ?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这似乎是 SSH 问题,而不是 Capistrano 问题。首先是一些解释。
ssh-agent将解密的密钥安全地存储在内存中,并且“没有合理且安全的方法来在重新启动/重新登录期间保留解密的密钥”ssh-add< /code> 只是将这些密钥添加到您的代理中 话虽如此,您的操作系统似乎在启动时不会自动在 ssh 代理上加载密钥,因此解决方案是自动执行此任务并将其设置为在启动时运行您开始会话。
我不是 Windows 用户,我没有任何方法来测试这个答案,但希望这能解决您的问题。
看看这个线程。
This seems to be a SSH issue instead a Capistrano one. First some explanations..
ssh-agentstores securely your decrypted keys on memory and "there is no reasonable and safe way to preserve the decrypted keys among reboots/re-logins"ssh-addjust adds these keys to your agentWith that said, it seems that your operative system isn't loading your keys on your ssh agent automatically when it boot, so the solution is to automate this task and set it up to run when you starts your session.
I'm not a Windows user and I don't have any way to test this answer, but hope this solve your problem.
Take a look to this thread.