cap deploy suddenly says Authentication Failed

Question

I've been deploying my Symfony2 app trouble-free for weeks using Capifony. The other day I run cap deploy and nothing works. I didn't change any keys or, knowingly, change any other settings.

I am deploying from my bitbucket repo.

I've checked file permissions and ownership everywhere.

/var/git/.ssh/authorized_keys permissions 600 user git

/var/git/.ssh/known_hosts permissions 640 user git

/var/git/.ssh/config permissions 700 user git:

Host bitbucket.org
 Hostname bitbucket.org
 ForwardAgent yes
 ForwardX11 no
 User git
 IdentityFile /var/git/.ssh/bitbucket_rsa

I can login with the same public key on bitbucket from my local machine to the production server. I've tried a different key.

I've reinstalled ruby (1.9.3). I tried Capifony 2.4.2 and have tried going back to an earlier version (2.4.0 and Capistrano 2.15.5).

Nothing has resolved the issue.

in deploy.rb:

set :repository,  "[email protected]:username/example.git"
set :scm,         :git

ssh_options[:forward_agent] = true
ssh_options[:verbose] = :debug
ssh_options[:keys] = %w(/var/git/.ssh/bitbucket_rsa)

Running cap deploy:check

* ←[32m2014-02-04 09:20:30 executing `deploy:check'←[0m
* ←[33mexecuting "test -d /var/www/vhosts/example.com/releases"←[0m
servers: ["example.com"] D, 
[2014-02-04T09:20:30.140652 #11708] DEBUG -- net.ssh.transport.session[15bfe8c]: 
establishing connection to example.com:22
D, [2014-02-04T09:20:30.320662 #11708] DEBUG -- net.ssh.transport.session[15bfe8c]:
connection established
I, [2014-02-04T09:20:30.320662 #11708]  INFO -- net.ssh.transport.server_version 
[15bf274]: negotiating protocol version
D, [2014-02-04T09:20:30.469671 #11708] DEBUG -- net.ssh.transport.server_version
[15bf274]: remote is `SSH-2.0-OpenSSH_5.3'
D, [2014-02-04T09:20:30.470671 #11708] DEBUG -- net.ssh.transport.server_version
[15bf274]: local is `SSH-2.0-Ruby/Net::SSH_2.8.0 i386-mingw32'
D, [2014-02-04T09:20:30.530674 #11708] DEBUG -- tcpsocket[15bfb5c]: read 784 bytes
D, [2014-02-04T09:20:30.530674 #11708] DEBUG -- tcpsocket[15bfb5c]: received packet nr 
0 type 20 len 780
I, [2014-02-04T09:20:30.530674 #11708]  INFO -- net.ssh.transport.algorithms[15bb0b0]: 
got KEXINIT from server
I, [2014-02-04T09:20:30.530674 #11708]  INFO -- net.ssh.transport.algorithms[15bb0b0]: 
sending KEXINIT
D, [2014-02-04T09:20:30.531675 #11708] DEBUG -- tcpsocket[15bfb5c]: queueing packet nr 
0 type 20 len 1620
D, [2014-02-04T09:20:30.531675 #11708] DEBUG -- tcpsocket[15bfb5c]: sent 1624 bytes
I, [2014-02-04T09:20:30.531675 #11708]  INFO -- net.ssh.transport.algorithms[15bb0b0]: 
negotiating algorithms
D, [2014-02-04T09:20:30.531675 #11708] DEBUG -- net.ssh.transport.algorithms[15bb0b0]: 
negotiated:
* kex: diffie-hellman-group-exchange-sha1
* host_key: ssh-rsa
* encryption_server: aes128-cbc
* encryption_client: aes128-cbc
* hmac_client: hmac-sha1
* hmac_server: hmac-sha1
* compression_client: none
* compression_server: none
* language_client:
* language_server:
D, [2014-02-04T09:20:30.532675 #11708] DEBUG -- net.ssh.transport.algorithms[15bb0b0]: 
exchanging keys
D, [2014-02-04T09:20:30.532675 #11708] DEBUG -- tcpsocket[15bfb5c]: queueing packet nr 
1 type 34 len 20
D, [2014-02-04T09:20:30.532675 #11708] DEBUG -- tcpsocket[15bfb5c]: sent 24 bytes
D, [2014-02-04T09:20:30.652681 #11708] DEBUG -- tcpsocket[15bfb5c]: read 152 bytes
D, [2014-02-04T09:20:30.652681 #11708] DEBUG -- tcpsocket[15bfb5c]: received 
packet nr 1 type 31 len 148
D, [2014-02-04T09:20:31.893752 #11708] DEBUG -- tcpsocket[15bfb5c]: queueing packet nr 
2 type 32 len 140
D, [2014-02-04T09:20:31.893752 #11708] DEBUG -- tcpsocket[15bfb5c]: sent 144 bytes
D, [2014-02-04T09:20:31.964757 #11708] DEBUG -- tcpsocket[15bfb5c]: read 720 bytes
D, [2014-02-04T09:20:31.964757 #11708] DEBUG -- tcpsocket[15bfb5c]: received packet nr 
2 type 33 len 700
D, [2014-02-04T09:20:31.968757 #11708] DEBUG -- tcpsocket[15bfb5c]: queueing packet nr 
3 type 21 len 20
D, [2014-02-04T09:20:31.968757 #11708] DEBUG -- tcpsocket[15bfb5c]: sent 24 bytes
D, [2014-02-04T09:20:31.968757 #11708] DEBUG -- tcpsocket[15bfb5c]: received packet nr 
3 type 21 len 12
D, [2014-02-04T09:20:31.969757 #11708] DEBUG -- 
net.ssh.authentication.session[15647f4]: beginning authentication of `git'
D, [2014-02-04T09:20:31.969757 #11708] DEBUG -- tcpsocket[15bfb5c]: queueing packet nr 
4 type 5 len 28
D, [2014-02-04T09:20:31.969757 #11708] DEBUG -- tcpsocket[15bfb5c]: sent 52 bytes
D, [2014-02-04T09:20:32.129766 #11708] DEBUG -- tcpsocket[15bfb5c]: read 52 bytes
D, [2014-02-04T09:20:32.129766 #11708] DEBUG -- tcpsocket[15bfb5c]: received packet nr 
4 type 6 len 28
D, [2014-02-04T09:20:32.129766 #11708] DEBUG -- 
net.ssh.authentication.session[15647f4]: trying none
D, [2014-02-04T09:20:32.130766 #11708] DEBUG -- tcpsocket[15bfb5c]: queueing packet nr 
5 type 50 len 44
D, [2014-02-04T09:20:32.130766 #11708] DEBUG -- tcpsocket[15bfb5c]: sent 68 bytes
D, [2014-02-04T09:20:32.290775 #11708] DEBUG -- tcpsocket[15bfb5c]: read 84 bytes
D, [2014-02-04T09:20:32.290775 #11708] DEBUG -- tcpsocket[15bfb5c]: received packet nr 
5 type 51 len 60
D, [2014-02-04T09:20:32.290775 #11708] DEBUG --     
net.ssh.authentication.session[15647f4]: allowed methods: publickey,gssapi-
keyex,gssapi-with-mic,password
D, [2014-02-04T09:20:32.291775 #11708] DEBUG --     
net.ssh.authentication.methods.none[156bb14]: none failed
D, [2014-02-04T09:20:32.291775 #11708] DEBUG -- 
net.ssh.authentication.session[15647f4]: trying publickey
D, [2014-02-04T09:20:32.291775 #11708] DEBUG -- net.ssh.authentication.agent[15a9f68]: 
connecting to ssh-agent
E, [2014-02-04T09:20:32.292775 #11708] ERROR -- net.ssh.authentication.agent[15a9f68]: 
could not connect to ssh-agent
D, [2014-02-04T09:20:32.292775 #11708] DEBUG -- 
net.ssh.authentication.session[15647f4]: trying password
E, [2014-02-04T09:20:32.292775 #11708] ERROR -- 
net.ssh.authentication.session[15647f4]: all authorization methods failed (tried none, 
publickey, password)
connection failed for: example.com (Net::SSH::AuthenticationFailed: Authentication 
failed for user [email protected])

What have I missed? I'm going crazy trying to fix this.

Thanks for your help.

Answer 1

capistrano/capifony (net_ssh to be more precise) tries to use a non-existant agent to connect to the server and therefore fails.

Remove ...

ssh_options[:forward_agent] = true

... and add

ssh_options[:use_agent] = false

You're not using an agent (a process storing your keys that ssh can query ) to connect to the server ... which means you can't forward it. You're providing the connection's public-key instead:

ssh_options[:keys] = %w(/var/git/.ssh/bitbucket_rsa)

Answer 2

I also had to same issue. I have fixed it, with following steps.

 >> gem uninstall net-ssh -v 2.8.0
 >> gem install net-ssh -v 2.7.0

and now when I call "cap" methods it works perfectly and asks me for password.