2

I'm getting an SSH authentication error when deploying a Ruby on Rails 4.0.4 app with Capistrano 3.2.1 to my DigitalOcean app, web, and db servers. SSH keys have been added to Bitbucket.

Current stack:

* Chef 11
* Berkshelf 2.0.13
* Rails 4.0.4
* Ruby 2.1.0
* Capistrano 3.2.1
* repo on Bitbucket.org
* DigitalOcean app/web server and db server

I get the following error when deploying with Capistrano using `cap production deploy`:

...
D, [2014-05-13T11:10:20.748529 #8204] DEBUG -- tcpsocket[3fdc6de01224]: sent 52 bytes
D, [2014-05-13T11:10:20.790018 #8204] DEBUG -- tcpsocket[3fdc6de01224]: read 84 bytes
D, [2014-05-13T11:10:20.790228 #8204] DEBUG -- tcpsocket[3fdc6de01224]: received packet nr 18 type 95 len 60
I, [2014-05-13T11:10:20.790319 #8204]  INFO -- net.ssh.connection.session[3fdc6dc8e5a4]: channel_extended_data: 0 1 32b
DEBUG [1547c1bb]    conq: repository access denied.
D, [2014-05-13T11:10:20.790608 #8204] DEBUG -- tcpsocket[3fdc6de01224]: read 180 bytes
D, [2014-05-13T11:10:20.790723 #8204] DEBUG -- tcpsocket[3fdc6de01224]: received packet nr 19 type 95 len 156
I, [2014-05-13T11:10:20.790776 #8204]  INFO -- net.ssh.connection.session[3fdc6dc8e5a4]: channel_extended_data: 0 1 126b
DEBUG [1547c1bb]    fatal: Could not read from remote repository.
DEBUG [1547c1bb]    
DEBUG [1547c1bb]    Please make sure you have the correct access rights
DEBUG [1547c1bb]    and the repository exists.
D, [2014-05-13T11:10:20.790959 #8204] DEBUG -- tcpsocket[3fdc6de01224]: read 36 bytes
D, [2014-05-13T11:10:20.791018 #8204] DEBUG -- tcpsocket[3fdc6de01224]: received packet nr 20 type 96 len 12
I, [2014-05-13T11:10:20.791076 #8204]  INFO -- net.ssh.connection.session[3fdc6dc8e5a4]: channel_eof: 0
D, [2014-05-13T11:10:20.791320 #8204] DEBUG -- tcpsocket[3fdc6de01224]: read 104 bytes
D, [2014-05-13T11:10:20.791411 #8204] DEBUG -- tcpsocket[3fdc6de01224]: received packet nr 21 type 98 len 44
I, [2014-05-13T11:10:20.791467 #8204]  INFO -- net.ssh.connection.session[3fdc6dc8e5a4]: channel_request: 0 exit-status false
DEBUG [1547c1bb] Finished in 3.136 seconds with exit status 128 (failed).
D, [2014-05-13T11:10:20.791624 #8204] DEBUG -- tcpsocket[3fdc6de01224]: received packet nr 22 type 97 len 12
I, [2014-05-13T11:10:20.791664 #8204]  INFO -- net.ssh.connection.session[3fdc6dc8e5a4]: channel_close: 0
D, [2014-05-13T11:10:20.791742 #8204] DEBUG -- tcpsocket[3fdc6de01224]: queueing packet nr 18 type 97 len 28

SSH keys are set up to connect both local and remote repos (tested with `ssh -T git@bitbucket.org`). Here's the output of `ssh -v git@bitbucket.org` on the remote server:

root@appserver:~# ssh -v git@bitbucket.org
OpenSSH_6.2p2 Ubuntu-6ubuntu0.3, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /root/.ssh/config
debug1: /root/.ssh/config line 1: Applying options for bitbucket.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to bitbucket.org [131.103.20.167] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug1: Remote: Forced command: conq username:gabethegrape
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Remote: Forced command: conq username:gabethegrape
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Authentication succeeded (publickey).
Authenticated to bitbucket.org ([131.103.20.167]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
PTY allocation request failed on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
logged in as gabethegrape.

You can use git or hg to connect to Bitbucket. Shell access is disabled.
debug1: channel 0: free: client-session, nchannels 1
Connection to bitbucket.org closed.
Transferred: sent 3632, received 2904 bytes, in 0.0 seconds
Bytes per second: sent 126916.9, received 101477.6
debug1: Exit status 0

(remote) ~/.ssh/config

Host bitbucket.org
    HostName bitbucket.org
    User git
    IdentityFile "~/.ssh/id_rsa"

(local) chef-repo/config/deploy/deploy.rb

# config valid only for Capistrano 3.1
lock '3.2.1'

set :application, 'repo'
set :repo_url, 'git@bitbucket.org:username/repo.git'
set :deploy_via, :copy
set :branch, "master"
set :user, "root"
set :deploy_via, :remote_cache


# Default value for :scm is :git
set :scm, :git

# Default value for :format is :pretty
set :format, :pretty

set :stages, ["dev", "staging", "production"]
set :default_stage, "production"
set :deploy_to, '/home/apps'
set :linked_files, %w{config/database.yml}

set :ssh_options, {
  forward_agent: true,
  # keys: [File.join(ENV["HOME"], ".ssh", "id_rsa")],
  verbose: :debug,
  user: fetch(:user)
}

role :web, "digital_ocean_appserver"
role :app, "digital_ocean_appserver"
role :db, "digital_ocean_dbserver", :primary => true

namespace :deploy do

  desc 'Restart application'
  task :restart do
    on roles(:app), in: :sequence, wait: 5 do
      # Your restart mechanism here, for example:
      # execute :touch, release_path.join('tmp/restart.txt')
    end
  end

  after :publishing, :restart

  after :restart, :clear_cache do
    on roles(:web), in: :groups, limit: 3, wait: 10 do
      # Here we can do anything such as:
      # within release_path do
      #   execute :rake, 'cache:clear'
      # end
    end
  end

end

(local) chef-repo/config/deploy/production.rb

server 'digital_ocean_appserver', user: 'root', roles: %w{web app}, my_property: :my_value
server 'digital_ocean_dbserver', user: 'root', roles: %w{db}, my_property: :my_value
set :branch, ENV["REVISION"] || ENV["production"] || "master"
set :deploy_to, '/home/apps'

Any ideas why I can't authenticate and connect to bitbucket on deploy?

Thanks so much for your help!

gabethegrape
  • Does your remote key have permissions in Bitbucket? – sites May 13 '14 at 22:09
  • From your output, I would say that is the problem; you would need to add keys in your Bitbucket repo. – sites May 13 '14 at 22:11
  • @juanpastas I have the keys in the repo for both my local and remote machines. When I enter `ssh -T git@bitbucket.org` it outputs `logged in as gabethegrape`. `You can use git or hg to connect to Bitbucket. Shell access is disabled.` – gabethegrape May 13 '14 at 23:30

2 Answers

4

I solved my problem with the solution presented here. Simply do this:

ssh-add ~/.ssh/id_rsa

Allam Matsubara
2

We've had a similar problem with GitHub's private repos.

We fixed it with this:

#config/deploy.rb
set :repo_url, 'https://user:password@github.com/user/repo.git'

This sets the user & password explicitly each time, which allows us to deploy the code without the error you're receiving.

Richard Peck
  • Getting `fatal: unable to access 'https://user:password@github.com/user/repo.git/': gnutls_handshake() warning: The server name sent was not recognized` – Amit Patel Aug 06 '15 at 15:52
  • 1
    While it works, copying github passwords into your source code isn't very secure. The current solution is to add credentials to the ssh link and then deploy, as suggested below by Allam Matsubara. – notapatch Mar 03 '17 at 09:58
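
Both answers can be checked before running `cap production deploy`. The Ruby script below is an added example, not code from the question or either answer: it flags a `repo_url` that embeds a password (the concern raised in the comment on the second answer) and, when `forward_agent: true` is set as in the question's `ssh_options`, reports whether the local agent holds a key (which is what `ssh-add` in the first answer loads). The function names and the sample config are constructed for illustration.

```ruby
# Added example: pre-deploy lint for a Capistrano config (names are hypothetical).
# `ssh-add -l` exit statuses: 0 = keys listed, 1 = agent has no identities,
# 2 = no agent reachable.
AGENT_STATUS = { 0 => :keys_loaded, 1 => :agent_empty, 2 => :no_agent }.freeze

# scheme://user:password@host/...  (scp-style git@host:path never matches)
CRED_URL = %r{\A([a-z][a-z0-9+.-]*)://([^/@:]+):[^/@]+@}i

# repo_url values on non-comment lines that carry a password in the URL.
def repo_urls_with_password(config_text)
  config_text.each_line
             .reject { |l| l.strip.start_with?('#') }
             .map { |l| l[/set\s+:repo_url\s*,\s*['"]([^'"]+)['"]/, 1] }
             .compact
             .select { |url| url.match?(CRED_URL) }
end

# Keep the secret out of lint output and CI logs.
def redact(url)
  url.sub(CRED_URL) { "#{$1}://#{$2}:***@" }
end

def forward_agent_enabled?(config_text)
  config_text.each_line.any? do |l|
    !l.strip.start_with?('#') && l.match?(/forward_agent(:|\s*=>)\s*true/)
  end
end

# Exit status of `ssh-add -l` on the machine that runs `cap`.
def local_agent_status
  system('ssh-add', '-l', out: File::NULL, err: File::NULL)
  $?.exitstatus
end

def preflight(config_text, ssh_add_status)
  problems = repo_urls_with_password(config_text).map do |url|
    "repo_url embeds a password: #{redact(url)}"
  end
  agent = AGENT_STATUS.fetch(ssh_add_status, :unknown)
  if forward_agent_enabled?(config_text) && agent != :keys_loaded
    problems << "forward_agent is true but local agent is #{agent}; run ssh-add"
  end
  problems
end

# Constructed sample combining lines from the configs shown on this page.
SAMPLE = <<~CONF
  set :repo_url, 'https://user:password@github.com/user/repo.git'
  set :ssh_options, { forward_agent: true, user: 'root' }
CONF
puts preflight(SAMPLE, 1)
```

For a real run, pass the contents of the deploy config and `local_agent_status` to `preflight` and fail the deploy when the returned list is not empty.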