One common inconvinience of setting up Capistrano for deploys via GitHub is creating SSH keys in the server and later adding the public key to the repository at GitHub to let the server clone/pull from the repository.
Fortunately there’s an easy way to overcome that. It’s a SSH feature called ForwardAgent. When enabled, ForwardAgent shares your local SSH key with the destination host allowing it to identify itself to a third host with your key.
In our context that means your app server can connect to the GitHub repository using the key from your local computer that’s already authorized to access it.
Now to the fun part. To make it work you’ll need to tell your local SSH which host it should enable ForwardAgent for. You do that by adding the following to your
1 2 3
Now you’ll need to make sure your
ssh-agent is serving your keys. To do that:
# -K option might not work on non-OSX OSs ssh-add -K ~/path/to/your/key
And finally connect to your host:
You should now be able to connect from there to any host you can connect to from your local machine. For example, GitHub:
ssh -T firstname.lastname@example.org
To confirm your app server is seeing your local keys:
To see all the keys ssh-agent is serving (locally):
To see the details of the SSH connection process:
ssh -v yourapphost.com
If the setup suddenly stop working check if your key got dropped by
ssh-agent during a reboot. Adding it back should fix it.