Amazon EC2 + Capistrano + Git: Permission denied (publickey)
When I deploy a Rails app to Amazon EC2 server with using Capistrano, I get
** [IP.compute-1.amazonaws.com :: out] Permission denied (publickey). ** [IP.compute-1.amazonaws.com :: out] fatal: The remote end hung up unexpectedly
while executing the
I think it has something to do with Github keys, but I don’t know how to set it up.
I would be grateful for every advise!
I generated the new key on Github, put it into id_rsa.pub and on my EC2 server I created the file .ssh/authorized_keys with this key, but it still doesn’t work.
What’s wrong with that?
2 Solutions collect form web for “Amazon EC2 + Capistrano + Git: Permission denied (publickey)”
To use ssh agent:
ssh_options[:forward_agent] = true
To use your pem file:
ssh_options[:auth_methods] = ["publickey"] ssh_options[:keys] = ["/path/to/file.pem"]
To enable agent in your local
You will have to execute this command each time, I don’t know the scope of ‘each time’, I added ssh-add to run each time I open a new tab in terminal with
echo ssh-add >> ~/.bashrc, depending in your OS and configuration.
The process, as far as I understand is this:
- You have an ssh-agent in your local
- You connect to server you are deploying with pem file, as you do with
ssh, but this time through Capistrano
- Remote server uses your agent to use your key to checkout git repo inside deploy machine.
Can you first SSH to your EC2 instance and then second, clone your github repo from the EC2 instance using the ssh keys that are installed on your EC2 instance?
With all of these distributed workflows things can get a little confusing, so let me try and puzzle out what you’re doing wrong.
The id_rsa.pub that you installed on Github corresponds with private key. Usually, this is in
~/.ssh/id_rsa This keypair enables a holder of the private key to SSH to github.
.ssh/authorized_keys is an SSH server configuration.
authorized_keys contains the public keys (i.e.,
id_rsa.pub) to enables an SSH server to accept incoming connections from machines with the corresponding private key. The
authorized_keys file is not relevant to your cloning issue.
The EC2 instance is trying to contact the Github repository in order to clone the repository from Github, and failing. The EC2 instance needs a private key configured to match up with the corresponding public (Github) key for the account.
Generate a new keypair on the EC2 instance, and add the public key from the new keypair to your Github account.