search

apostrophecms / stagecoach

Painlessly deploy node.js applications to your staging and production servers. Use a standard VPS or dedicated server to host both Node and traditional Apache-based websites. Pairs nicely with nginx and mechanic.
306 stars 29 forks source link

Using a key file for authentication #24

Closed houmark closed 6 years ago

houmark commented 6 years ago

From the README.md:

sc-deploy does make several ssh connections. Entering a password for each one is painful. You should definitely set up a trusted ssh public key that allows you to ssh to your server without entering your password over and over. Passwords are error-prone, annoying and insecure. Friends don't let friends use passwords.

I've tried various things to get a key to authenticate when deploying, but nothing works. Could you advise how you have your keys on a client machine? I have tried inside ~/.ssh and also configuring inside ~/.ssh/config for the location of the key file for each host name to no avail.

Of course, authentication to the server through normal SSH is working just fine using the ssh -i parameter to point to the location of the key file.

P.S. The link in the README to how to set up a key file is broken, may want to fix that.

houmark commented 6 years ago

@boutell maybe you have a hint here?

I've been reviewing the source code, and I could not find any code related to enforcing a key when deploying. Maybe I'm missing something obvious here, but I also tried more generic ssh approaches with having the server hostname / IP set to use the key, but that also didn't make stagecoach use the key, so I'm stuck at pasting passwords at every deploy.

boutell commented 6 years ago

Yes, this is what we do all the time. I never have to type passwords, which is a relief given how many clients we have (:

It's just making ssh connections, nothing more than you do at the command line. So probably something isn't right about your generic setup for a trusted ssh public key.

On Tue, Jul 10, 2018 at 10:35 PM, houmark notifications@github.com wrote:

@boutell https://github.com/boutell maybe you have a hint here?

I've been reviewing the source code, and I could not find any code related to enforcing a key when deploying. Maybe I'm missing something obvious here, but I also tried more generic ssh approaches with having the server hostname / IP set to use the key, but that also didn't make stagecoach use the key, so I'm stuck at pasting passwords at every deploy.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/punkave/stagecoach/issues/24#issuecomment-404025672, or mute the thread https://github.com/notifications/unsubscribe-auth/AAB9fYauM3OgwrKZHgMQfm0ztjSHhhE0ks5uFWRogaJpZM4UzdD_ .

--

THOMAS BOUTELL, CHIEF SOFTWARE ARCHITECT P'UNK AVENUE | (215) 755-1330 | punkave.com

boutell commented 6 years ago

Closing this because stagecoach already respects your configuration in .ssh/config (as any generic ssh command will).

houmark commented 6 years ago

Thanks for the confirmation. I redid my local configuration from scratch and it works now, so I guess I was doing something wrong the first time I tried doing this.

houmark commented 6 years ago

Additionally I have put on my todo to update the README with more clear instructions on this and also find a better link for the links that's broken in the current README.