
Deployment using ssh with key without providing passphrase for private key (ssh-agent)

Wherein lies the difference between Capistrano and Rocketeer when it comes to the passphrase for a private key?

I already have both Capistrano and Rocketeer deployment strategies set up properly and working. Capistrano lets ssh-agent provide the passphrase - Rocketeer, as it seems, does not. The question is not about how but why the passphrase is needed.

Background:

I want to use Rocketeer for deployment of a Laravel application instead of Capistrano. It seems as if it delegates the SSH connection to Laravel.

After setting only the remote server's name in the configuration and running a check, after some prompts for credentials Rocketeer stores the needed passphrase and the path to my desired private key in a non-version-controlled file.

I do not want to have credentials for establishing an SSH connection stored on my disk - especially not the passphrase to any of my private keys.

So, why is anything more than the server's name required?

I see that Laravel has those fields prepared in its remotes config - I just could not find out which component is responsible eventually and why it does not leave the SSH connection completely to the system itself.

Is it Rocketeer, Laravel, Symfony, phpseclib or even PHP itself underneath that needs that much information for establishing an SSH connection?

It's Laravel's missing implementation of phpseclib's ssh-agent that requires that much information for establishing an SSH connection.

That's why Rocketeer does not allow relying on the ssh-agent next to username/password and privatekey/passphrase authentication, as Capistrano does.

A proposal was stated and merged to include phpseclib's undocumented implementation for using the ssh-agent instead of an explicit key.

Rocketeer would profit from this as it relies on said implementation of phpseclib in Laravel.

(Thanks to @hannesvdvreken, @ThomasPayer and @passioncoder for pointing in the right directions)
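The agent-based login that the answer above refers to, sketched as an added example that is not part of the original posts and is not code from Rocketeer or Laravel. It assumes phpseclib 2.0 installed via Composer and a running ssh-agent; the function name, host name and user name are hypothetical placeholders.

```php
<?php
// Added example: log in through ssh-agent instead of a stored key + passphrase.
// Assumption: phpseclib 2.0 via Composer (namespaces differ in other versions).
require __DIR__ . '/vendor/autoload.php';

use phpseclib\Net\SSH2;
use phpseclib\System\SSH\Agent;

/**
 * Connect using whatever identities the running ssh-agent holds.
 * No key path and no passphrase are read from config or disk.
 */
function connectViaAgent($host, $user)
{
    // The agent advertises its Unix socket through SSH_AUTH_SOCK.
    if (!getenv('SSH_AUTH_SOCK')) {
        throw new RuntimeException('No ssh-agent socket found; start ssh-agent and run ssh-add.');
    }

    $agent = new Agent();

    // An agent without loaded identities cannot authenticate anything.
    if (count($agent->requestIdentities()) === 0) {
        throw new RuntimeException('ssh-agent is running but holds no keys.');
    }

    $ssh = new SSH2($host);

    // Passing the Agent object makes phpseclib try each agent identity in turn.
    // Signing happens inside the agent, so the private key never enters PHP.
    if (!$ssh->login($user, $agent)) {
        throw new RuntimeException("Agent-based login to $host as $user failed.");
    }

    return $ssh;
}

// Placeholder connection details, constructed for this example.
$ssh = connectViaAgent('staging.example.com', 'deploy');
echo $ssh->exec('whoami');
```

phpseclib does not consult `~/.ssh/known_hosts`, so a deployment script should also compare `$ssh->getServerPublicHostKey()` against a pinned value before running commands.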

There are some things you might want to know.

You can use the default app/config/remote.php or you can use the Rocketeer config.php that gets published under app/packages/anahkiasen/rocketeer.

I tend to use the Laravel file. I made a copy of that file in the app/config/development folder, which is ignored by git via .gitignore. I only write the passkey of my private key down in that file. It will get merged with the array in app/config/remote.php.

Here's my app/config/development/remote.php file:

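<?php

// Environment-specific override, merged over app/config/remote.php.
return array(
    'connections' => array(
        'staging' => array(
            // Passphrase of the private key used for this connection.
            'keyphrase' => 'your-secret-here',
        ),
        'production' => array(
            'keyphrase' => 'your-secret-here',
        ),
    ),
);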

Hope this helps.
