deployer
deployer copied to clipboard
deployphp
Deployer (SSH) doesn't ask for the password nicely
It's trival case, but confusing. When SSH waiting for password Deployer 6 prints Password:
Deployer 7 prints ⠇ word: ⠴ with rolling animations...
- Deployer version: 7.0.0-rc.8
$ dep deploy -vvv
task deploy:setup
[production] /usr/bin/php /home/deployer/vendor/deployer/deployer/deployer.phar worker --port 46827 --task deploy:setup --host production --decorated -vvv
[production] ssh '-A' '-o' 'ControlMaster=auto' '-o' 'ControlPersist=60' '-o' 'ControlPath=~/.ssh/[email protected]' '[email protected]' ': xxxxxx; bash -ls'
[production] run [ -d /var/www/foo.com ] || mkdir -p /var/www/foo.com;
cd /var/www/foo.com;
[ -d .dep ] || mkdir .dep;
[ -d releases ] || mkdir releases;
[ -d shared ] || mkdir shared;
The authenticity of host 'x.x.x.x (x.x.x.x)' can't be established.
ECDSA key fingerprint is xxxxx
ECDSA key fingerprint is xxxxx
⠸ ou sure you want to continue connecting (yes/no)? ⠏
[production] Warning: Permanently added 'x.x.x.x' (ECDSA) to the list of known hosts.
⠇ word: ⠴
This is confusing, I thought my SSH configuration was wrong or the routing network didn't allow connection and I have a timeout here.
Some of my servers using ssh-keys so I don't always expect password ask.
BTW ssh user@host prints Password: when it need password :-)
Deployer v7 don't have this functionality any more. In v7 each task is executed inside of a worker process, so no passing on tty happends. Deployer -> Worker -> SSH -> Remote host.
You can configure you ssh client to not show such messages, or just generate host keysign before connecting.
Hm, yes, but now it's one of our security/permission policy: Production deploy ask for password? You don't known it? So you don't have permission to do that deploy.
I’m not getting it. What security permissions?
Please, share what’s happening for a normal ssh user@host.
In my company deployment of any project work like this:
- login as "deployer" user to deployment-host
- go to project deployment dir
- run
dep deploy production
This always ask for password. Developers has individual accounts in https://github.com/nuxsmin/sysPass gdzie nadajemy uprawnienia do haseł dla każdego z naszych projektów. So asking password in deployment process is our security/permission to deploy. So login-via-ssh-keys to production server in deployment process is not an option.
Other words, we like when Deployer nicely asking for password when user try to deploy something on production stage.
Yes, Deployer v7 doesn’t support ssh password. Consider switching to ssh_key.
But it actually works:
$ dep deploy:is_locked production
task deploy:is_locked
⠧ word: ⠼
[production] info Deploy is unlocked.
after ⠧ word: ⠼ I paste password from clipboard ant hit enter. So You mean, "deployer 7 works with ssh password but not officially support it" ?