Capistrano 自動部署 使用ssh key 不用打密碼

因為使用 Capistrano 自動部署Rails應用程式

但是部署時要打入user的密碼

所以使用ssh key 登入的方式,來自動登入,讓部署流程更加順暢愉快

因為我是使用Mac電腦,所以我是執行

1.在本機Mac電腦上先產生一組公鑰和私鑰

ssh-keygen -t rsa -C “輸入信箱”

2.在要部署的主機上先產生 .ssh 的資料夾

ssh [email protected] mkdir -p .ssh

3.從本機Mac電腦複製產生的公鑰id_rsa.pub到遠端的主機上面

cat ~/.ssh/id_rsa.pub | ssh [email protected] ‘cat >> .ssh/authorized_keys’

看起來應該是要成功了

但是還是失敗,所以到

/etc/log/secure 裡面看是什麼錯誤

後來出現

sshd[21933]: Authentication refused: bad ownership or modes for directory /home/deploy
May 13 02:12:33 li410-81 sshd[21933]: Accepted password for deploy from 114.35.129.167 port 43239 ssh2
May 13 02:12:33 li410-81 sshd[21933]: pam_unix(sshd:session): session opened for user deploy by (uid=0)

原來是權限的問題

因為 /home/deploy 有group write的權限所以底下的.ssh/authorized_keys也繼承到group write,所以將 group write拿掉就可以了

Leave a Reply

Your email address will not be published. Required fields are marked *

To create code blocks or other preformatted text, indent by four spaces:

    This will be displayed in a monospaced font. The first four 
    spaces will be stripped off, but all other whitespace
    will be preserved.
    
    Markdown is turned off in code blocks:
     [This is not a link](http://example.com)

To create not a block, but an inline code span, use backticks:

Here is some inline `code`.

For more help see http://daringfireball.net/projects/markdown/syntax