我试图第一次使用Capistrano将Rails 7应用程序部署到Vultr VPS。我在GoRails.com上遵循了这个指南。最后一步:使用Capistrano部署应用程序。我的设置如下:
- Ubuntu 22.04.2 LTS Jammy(客户端和服务器) Ruby 3.2.2/Rails 7.0.4.2
- rbenv 1.2.0-59-g0704e65
- bundle version 2.4.10
- capistrano (3.17.2)
- capistrano-bundler(魅惑)
- capistrano-passenger (0.2.1)
- capistrano-rails (1.6.2)
- capistrano-rbenv (2.2.0)
- net-ssh (7.1.0)
- openssl(默认:3.1.0)
当运行cap production deploy
(与HostKey /etc/ssh/ssh_host_ed25519_key
在ssh服务器配置文件)我得到这个错误:
verify_host_key: :secure is deprecated, use :always
Thread:0x00007f169f27a710 /home/user/.rbenv/versions/3.2.0/lib/ruby/gems/3.2.0/gems/sshkit-1.21.4/lib/sshkit/runners/parallel.rb:10 run> terminated with exception (report_on_exception is true):
/home/user/.rbenv/versions/3.2.0/lib/ruby/gems/3.2.0/gems/sshkit-1.21.4/lib/sshkit/runners/parallel.rb:15:in rescue in block (2 levels) in execute': Exception while executing as deploy@xx.xx.xx.xx: could not settle on host_key algorithm (SSHKit::Runner::ExecuteError)
Server host_key preferences: ssh-ed25519
Client host_key preferences: ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512
from /home/user/.rbenv/versions/3.2.0/lib/ruby/gems/3.2.0/gems/sshkit-1.21.4/lib/sshkit/runners/parallel.rb:11:inblock (2 levels) in execute'
/home/user/.rbenv/versions/3.2.0/lib/ruby/gems/3.2.0/gems/net-ssh-7.1.0/lib/net/ssh/transport/algorithms.rb:410:in `negotiate': could not settle on host_key algorithm (Net::SSH::Exception)
Server host_key preferences: ssh-ed25519
Client host_key preferences: ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512
...
(Backtrace restricted to imported tasks)
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as deploy@xx.xx.xx.xx: could not settle on host_key algorithm
Server host_key preferences: ssh-ed25519
Client host_key preferences: ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512
和在服务器上没有HostKey变量,我得到这个错误:
verify_host_key: :secure is deprecated, use :always
Thread:0x00007f0d3c68a6c8 /home/user/.rbenv/versions/3.2.0/lib/ruby/gems/3.2.0/gems/sshkit-1.21.4/lib/sshkit/runners/parallel.rb:10 run> terminated with exception (report_on_exception is true):
/home/user/.rbenv/versions/3.2.0/lib/ruby/gems/3.2.0/gems/sshkit-1.21.4/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute': Exception while executing as deploy@xx.xx.xx.xx: fingerprint SHA256:6EF6B30F9E557F948C402C89002C7C8A is unknown for "xx.xx.xx.xx" (SSHKit::Runner::ExecuteError)
...
(Backtrace restricted to imported tasks)
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as deploy@xx.xx.xx.xx: fingerprint SHA256:6EF6B30F9E557F948C402C89002C7C8A is unknown for "xx.xx.xx.xx"
Caused by:
Net::SSH::HostKeyUnknown: fingerprint SHA256:6EF6B30F9E557F948C402C89002C7C8A is unknown for "xx.xx.xx.xx"
Tasks: TOP => rbenv:validate
(See full trace by running task with --trace)
我可以做一个无密码的ssh到服务器,没有问题,所以PubKey认证似乎工作得很好。
有人知道怎么解决这个问题吗?非常感谢您的帮助。
我已经尝试了许多类似的听起来错误的建议,包括:
- 删除客户端的known_hosts,并在新的known_hosts文件中添加服务器指纹。
- 添加PubkeyAcceptedKeyTypes=+ed25519到服务器的ssh配置文件(建议在这里)
- 将客户端和服务器上的所有私钥和公钥更改为使用ed25519
- 在deploy.rb的ssh_options中关闭verify_host_key设置
主机密钥
ssh-ed25519 |要求gemed25519
https://github.com/net-ssh/net-ssh#host-keys
您需要为ssh-ed25579
支持安装两个额外的依赖项:
bundle add ed25519 bcrypt_pbkdf
https://github.com/net-ssh/net-ssh安装
我在Debian 12服务器上部署capistrano时遇到了类似的错误。
/usr/地方/包/珠宝/net-ssh-7.1.0/lib/net/ssh/verifiers/always。rb:53:in ' process_cache_miss':指纹SHA256:JHDY3pi7IAYJQP8u5UdSSO/WfOjmqdAijpKLJJH6t0不匹配127.20.250.55;(Net:: SSH:: HostKeyMismatch)
你的情况有两个问题:
-
您的capistrano不支持ed25519(通过在ruby中添加
bundle add ed25519 bcrypt_pbkdf
来修复此问题) -
ssh-rsa密钥已弃用,您必须使用新的密钥。Ed25519是一个选项
OR,如果你同意旧的好rsa:添加这个
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa
到服务器的/etc/ssh/sshd_config.d/enable_rsa_keys.conf和使用
service ssh restart