I am deploying using Capistrano to a new server and having the following issue. Currently, I cannot add an SSH key to the server to log in with so I must use password authentication. However, I do have a key for another server saved in my local user account's .ssh
directory.
Here is the error I get when I try to log in:
C:\Web\WebApp1>cap deploy:setup
* executing `deploy:setup'
* executing "mkdir -p /home2/webapp1 /home2/webapp1/releases /home2/webapp1/shared /home2/webapp1/shared/system /home2/webapp1/shared/log /home2/webapp1/shared/pids"
servers: ["myserver.example.com"]
connection failed for: myserver.example.com (OpenSSL::PKey::PKeyError: not a public key "C:/Users/MyAccount/.ssh/id_rsa.pub")
How can I get Capistrano to ignore the existence of the key I have and let me log in with a password instead? I tried adding set :password, "myp@ssw0rd"
to deploy.rb
and it didn't help.
UPDATE
I followed @sysadmin1138's answer to add the following to the ssh config file:
HostName myserver.example.com
PreferredAuthentications=password
PubkeyAuthentication=no
Now, I get the error:
connection failed for: myserver.example.com (Net::SSH::AuthenticationFailed: webappuser)
It does not even ask for the password though. When I tried specifying the password in the config file, it still gave the same error.
Here are the relevant parts of my Capistrano config:
role :web, "myserver.example.com"
set :user, "webappuser"
default_run_options[:pty] = true # Allow Capistrano to prompt for passwords
set :deploy_to, "/home2/webapp1"
This is probably solveable outside of Capistrano and in SSH itself. Setting up a ~/.ssh/config file an creating an entry for your host:
Capistrano will definitely prompt for a password if no key is present, I've done that.
After reading through the code for
Net::SSH::KeyManager
, I found the problem.On this machine, I have a public key named
id_rsa.pub
without the corresponding private keyid_rsa
(because I useid_rsa.ppk
which is the PuTTY version of the key file).Net::SSH::KeyManager
, however, will only use a key if both the private and public files are in the directory. Unfortunately, this also means that if it finds a public key without the private key (or a private key without the public key), it will immediately throw an exception, instead of just discarding the key.After I used PuTTYgen to export the private key from the
.ppk
file into a standard OpenSSH file (and then modified that file according to this answer), I was able to connect using password authentication (without needing the ssh/config file as shown in another answer).Note: I think this is a bug in the OpenSSH gem. Having one invalid key should not stop you from using a different key or a password.