After restarting the server instance, Capistrano throws the error that Authentication failed for user Net::SSH::AuthenticationFailed
Question
It is our maintenance project. We have got the private key( id_rsa.txt ) of production server to sign-in from the client.
If we want to deploy the application, we just add the private key file to my local ssh-agent
ssh-add id_rsa.txt
then follow the capistrano's deployment command and got success
bundle exec cap deploy
Here is the line for ssh in Deploy.rb:
server 'example.com', user: 'app', roles: %w[app db web sidekiq]
set :ssh_options, { forward_agent: true, user: "app", keys: %w(/home/user/id_rsa.txt) }
Problem: Everything was fine before the instance restarted via aws's web console. After, we are unable to deploy and getting an error as
home/rubx/.rvm/gems/ruby-2.7.2@glamz-web/gems/net-ssh-6.1.0/lib/net/ssh.rb:268:in `start': Authentication failed for user user@example.com (Net::SSH::AuthenticationFailed)
1: from /home/rubx/.rvm/gems/ruby-2.7.2@glamz-web/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:11:in `block (2 levels) in execute'
/home/rubx/.rvm/gems/ruby-2.7.2@glamz-web/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute': Exception while executing as app@52.58.220.92: Authentication failed for user user@example.com (SSHKit::Runner::ExecuteError)
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as user@example.com: Authentication failed for user user@example.com
/home/rubx/.rvm/gems/ruby-2.7.2@glamz-web/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute'
/home/rubx/.rvm/gems/ruby-2.7.2@glamz-web/gems/sshkit-1.21.2/lib/sshkit/runners/parallel.rb:11:in `block (2 levels) in execute'
Caused by:
Net::SSH::AuthenticationFailed: Authentication failed for user user@example.com
After some googling, I tried the following steps but did not succeed.
- Added my public key(.ssh/id_rsa.pub) to authorized_keys of target server
- Allowing my IP address to the inbound rule of server.
- Tried to put only the server key in my ssh-agent.
Note: We can successfully login to server using the same key file
Do I need to configure the server specifically for Capistrano deployment? Thanks in advance
1 answers
solution1
0 ACCPTED 2022-06-11 08:12:12
We were trying syslog(/var/log/syslog) for the log messages and then some googling came to know about the /var/log/auth.log. The following error messages were found on auth.log while establishing a server connection via the script
Jun 11 05:01:36 ip- sshd[1757827]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
Jun 11 05:01:36 ip- sshd[1757827]: Connection closed by authenticating user app 15.4.81.22 port 47652 [preauth]
Solution
The problem was solved after allowing the ssh-rsa algorithm to PubkeyAcceptedKeyTypes in the sshd configuration
sudo vi /etc/ssh/sshd_config
PubkeyAcceptedKeyTypes=+ssh-rsa
Restart the sshd to reflect the changes
sudo systemctl restart sshd
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.