使用Capistrano部署到AWS EC2 AMI时身份验证失败错误
[英]Authentication failed Error when deploying to AWS EC2 AMI with Capistrano
问题描述
I am following this tutorial: 
我正在关注本教程:
https://www.sitepoint.com/deploy-your-rails-app-to-aws/
The app is fully created and running in development (including the database). 该应用程序已完全创建并正在开发中运行(包括数据库)。 Keys have been added to GIT and SSH, although from the tutorial I am very sure which of them goes exactly where. 密钥已添加到GIT和SSH,尽管从本教程中我可以确定它们中的哪一个正好在哪里。
And this the error I am getting. 这就是我得到的错误。
$ gem list net
*** LOCAL GEMS ***
net-http-digest_auth (1.4)
net-http-persistent (2.9.4)
net-scp (1.2.1)
net-ssh (3.2.0, 3.1.1)
net-telnet (0.1.1)
contactbook liviu-mac $ cap production deploy --trace
** Invoke production (first_time)
** Execute production
** Invoke load:defaults (first_time)
** Execute load:defaults
** Invoke rvm:hook (first_time)
** Execute rvm:hook
** Invoke rvm:check (first_time)
** Execute rvm:check
cap aborted!
Net::SSH::AuthenticationFailed: Authentication failed for user deploy@52.87.233.215
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/net-ssh-3.2.0/lib/net/ssh.rb:249:in `start'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/sshkit-1.11.3/lib/sshkit/backends/connection_pool.rb:59:in `call'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/sshkit-1.11.3/lib/sshkit/backends/connection_pool.rb:59:in `with'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/sshkit-1.11.3/lib/sshkit/backends/netssh.rb:155:in `with_ssh'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/sshkit-1.11.3/lib/sshkit/backends/netssh.rb:108:in `execute_command'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/sshkit-1.11.3/lib/sshkit/backends/abstract.rb:141:in `block in create_command_and_execute'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/sshkit-1.11.3/lib/sshkit/backends/abstract.rb:141:in `tap'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/sshkit-1.11.3/lib/sshkit/backends/abstract.rb:141:in `create_command_and_execute'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/sshkit-1.11.3/lib/sshkit/backends/abstract.rb:60:in `capture'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/capistrano-rvm-0.1.2/lib/capistrano/tasks/rvm.rake:9:in `block (3 levels) in <top (required)>'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/sshkit-1.11.3/lib/sshkit/backends/abstract.rb:29:in `instance_exec'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/sshkit-1.11.3/lib/sshkit/backends/abstract.rb:29:in `run'
/Users/liviu-mac/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/sshkit-1.11.3/lib/sshkit/runners/parallel.rb:12:in `block (2 levels) in execute'
Tasks: TOP => rvm:check
I attempted almost all fixes suggested in the posts I found. 我尝试了发现的帖子中建议的几乎所有修复。 Nothing works for me. 什么都不适合我。
Here are more details: 以下是更多详细信息:
$ gem list net
*** LOCAL GEMS ***
net-http-digest_auth (1.4)
net-http-persistent (2.9.4)
net-scp (1.2.1)
net-ssh (3.2.0, 3.1.1)
net-telnet (0.1.1)
My Capfile is: 我的Capfile是:
# Load DSL and set up stages
require "capistrano/setup"
# Include default deployment tasks
require "capistrano/deploy"
require 'capistrano/rvm'
# require 'capistrano/rbenv'
# require 'capistrano/chruby'
require 'capistrano/bundler'
require 'capistrano/rails/assets'
require 'capistrano/rails/migrations'
require 'capistrano/puma'
# require 'capistrano/passenger'
require 'capistrano/ssh_doctor'
# Load custom tasks from `lib/capistrano/tasks` if you have any defined
Dir.glob("lib/capistrano/tasks/*.rake").each { |r| import r }
My config/deply/production.rb file is (one single uncommented line): 我的config/deply/production.rb文件是(一个未注释的行):
server '52.87.233.215', user: 'deploy', roles: %w{web app db}
And my config/deploy.rb file is: 我的config/deploy.rb文件是:
# config valid only for current version of Capistrano
lock '3.6.1'
set :application, 'contactbook'
set :repo_url, 'git@github.com:levi-l-damian/contactbook.git'
# Default branch is :master
# ask :branch, `git rev-parse --abbrev-ref HEAD`.chomp
set :branch, :master
# Default deploy_to directory is /var/www/my_app_name
# set :deploy_to, '/var/www/my_app_name'
set :deploy_to, '/home/deploy/contactbook'
# Default value for :pty is false
set :pty, true
# Default value for :linked_files is []
# append :linked_files, 'config/database.yml', 'config/secrets.yml'
set :linked_files, %w{config/database.yml config/application.yml}
# Default value for linked_dirs is []
# append :linked_dirs, 'log', 'tmp/pids', 'tmp/cache', 'tmp/sockets', 'public/system'
set :linked_dirs, %w{bin log tmp/pids tmp/cache tmp/sockets vendor/bundle public/system public/uploads}
# Default value for keep_releases is 5
set :keep_releases, 5
set :rvm_type, :user
set :rvm_ruby_version, 'ruby-2.3.1' # Edit this if you are using MRI Ruby
set :puma_rackup, -> { File.join(current_path, 'config.ru') }
set :puma_state, "#{shared_path}/tmp/pids/puma.state"
set :puma_pid, "#{shared_path}/tmp/pids/puma.pid"
set :puma_bind, "unix://#{shared_path}/tmp/sockets/puma.sock" #accept array for multi-bind
set :puma_conf, "#{shared_path}/puma.rb"
set :puma_access_log, "#{shared_path}/log/puma_error.log"
set :puma_error_log, "#{shared_path}/log/puma_access.log"
set :puma_role, :app
set :puma_env, fetch(:rack_env, fetch(:rails_env, 'production'))
set :puma_threads, [0, 8]
set :puma_workers, 0
set :puma_worker_timeout, nil
set :puma_init_active_record, true
set :puma_preload_app, false
Don't know how to fix this and move forward? 不知道该如何解决并继续前进?
2 个解决方案
解决方案1
2 2016-09-22 15:26:10
When troubleshooting authentication failed errors in Capistrano, it is useful to drop down to a lower level and test connectivity with ssh first. 在Capistrano中对authentication failed错误进行故障排除时,将其降至较低级别并首先使用ssh测试连接很有用。 That way you can figure out if it really is a Capistrano problem, or a more basic SSH connectivity issue. 这样,您就可以确定这确实是Capistrano问题,还是更基本的SSH连接问题。
In this case Capistrano says it cannot connect to 52.87.233.215 as the deploy user. 在这种情况下,Capistrano说它不能以deploy用户身份连接到52.87.233.215 。 Let's verify that manually like this: 让我们像这样手动验证:
ssh -v deploy@52.87.233.215
The -v flag dumps a bunch of verbose logging so that we can see what authentication methods are being attempted. -v标志转储了一堆详细的日志记录,以便我们可以看到正在尝试哪种身份验证方法。
If you get permission denied (publickey) , that is an indication that you do not have your public key properly installed on the server. 如果您获得permission denied (publickey) ,则表明您没有在服务器上正确安装公钥。 In other words, the server has no way of verifying you are who you claim to be, and denies access. 换句话说,服务器无法验证您所声称的身份,并且拒绝访问。
To install your public key, copy the contents of this file from your local machine : 要安装公共密钥,请从本地计算机复制此文件的内容:
~/.ssh/id_rsa.pub
And paste those contents into this file on the server : 并将这些内容粘贴到服务器上的该文件中:
~deploy/.ssh/authorized_keys
Make sure that ~deploy/.ssh/authorized_keys is owned and accessible by the deploy user: 确保~deploy/.ssh/authorized_keys由deploy用户拥有并可以访问:
$ ls -ld ~deploy/.ssh
drwxr-xr-x 2 deploy deploy 4096 Jun 16 2015 /home/deploy/.ssh
$ ls -ld ~deploy/.ssh/authorized_keys
-rw------- 1 deploy deploy 1023 Sep 12 02:13 /home/deploy/.ssh/authorized_keys
Now try the ssh command again: 现在再次尝试ssh命令:
ssh -v deploy@52.87.233.215
It should work, and if so, Capistrano should now work as well. 它应该工作,如果可以,Capistrano现在也应该工作。
解决方案2
0 已采纳 2016-09-22 21:16:52
The only solution that worked for me was: 对我有用的唯一解决方案是:
ssh -i ~/.ssh/contactbook.pem ec2-user@ec2-54-226-156-103.compute-1.amazonaws.com
su - deploy
chmod 400 /home/deploy/.ssh/authorized_keys
chown deploy:deploy /home/deploy -R
Only after that the commands: 之后,命令:
ssh -v deploy@54.226.156.103
and 和
cap production deploy
succeeded. 成功了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.