I went through the a few documentation on how to prepare for using Capistrano and among those was the "authentication and authorization" from the Capistrano web site.
All was going dandy when I did this command
me@localhost $ ssh deploy@one-of-my-servers.com 'hostname; uptime'
but.. when I come across this command
me@localhost $ ssh -A deploy@one-of-my-servers.com 'git ls-remote git@bitbucket.org:team/application.git
I got a dreaded
Permission denied (publickey).
I decided to ssh to the server directly as the deployment user and try my command from there but then I was asked for my passphrase:
me@localhost:~$ ssh deployer@server.com
... bunch of logon information ...
deployer@server:~$ git ls-remote git@bitbucket.org:team/application.git
Enter passphrase for key '/home/deployer/.ssh/id_rsa':
I entered the passphrase and got the response from bitbucket. Now I didn't understand why I was asked for my passphrase becuase the ssh-agent should have my identy loaded and all should be good with deployer and bitbuckt. I decided to check if ssh-agent had my identity loaded by running
ssh-add -l
but then I got
Could not open a connection to your authentication agent.
what? ok, then I started the ssh-agent and made sure my identity was loaded by doing this
deployer@server:~$ eval "$(ssh-agent)"
Agent pid 30113
deployer@server:~$ ssh-add -l
The agent has no identities.
deployer@server:~$ ssh-add
Enter passphrase for /home/deployer/.ssh/id_rsa:
Identity added: /home/deployer/.ssh/id_rsa (/home/deployer/.ssh/id_rsa)
deployer@server:~$ ssh-add -l
2048 6c:87:f9:e1:71:75:0d:1c:cf:8d:d8:a8:06:fc:70:e7 /home/deployer/.ssh/id_rsa (RSA)
and now I could do my remote listing from bitbucket just fine without having to enter my passphrase
deployer@server:~$ git ls-remote git@bitbucket.org:team/application.git
f25db5c4691531c8ad27882c74d9668de66f795f HEAD
97a68f4f6cbffd0c320b37891ffdda57931146f4 refs/heads/deployer
f25db5c4691531c8ad27882c74d9668de66f795f refs/heads/master
deployer@server:~$
now I was happy and logged out of the server and tried again from my local machine
deployer@server:~$ exit
logout
Connection to server.com closed.
me@localhost:~$ ssh deployer@server.com 'git ls-remote git@bitbucket.org:team/application.git'
Permission denied (publickey).
fatal: The remote end hung up unexpectedly
??? There lies my problem... now can you see where I'm going wrong?
You can login once to start the ssh-agent and load your keys (ssh-add) into the agent. Save the output of ssh-agent in some file.
When you login remotely for git purpose, set SSH_AUTH_SOCK and SSH_AGENT_PID through your bashrc or some other startup script using the saved info. You do not want a new ssh-agent. You need to point to the same one that already has the keys.