February 19, 2015

SSH for Easier Deployment

Make deployment easier by setting up SSH keys and configuration.Create a new user for deployment on the remote server

# as root
adduser deployer

# Append (-a) a secondary group (-G) "www-data" to user "deployer"
usermod -G -a www-data deployer

# See groups assigned to user "deployer"
groups deployer

Locally, we'll create a (passwordless) SSH key to use to log into this server:

cd ~/.ssh
ssh-keygen -t rsa -b 4096 -C "fideloper@gmail.com" -f id_deployex
cat id_deployex.pub | pbcopy

On the remote server, paste the deployex public key to the ~/.ssh/authorized_keys file for the user deployer (/home/users/deployer/.ssh/authorized_keys).

Try logging in from the local computer:

ssh deployer@

This failed for me, so I need to use more SSH options:

ssh -o "IdentitiesOnly yes" -i ~/.ssh/id_deployex deployer@

Let's make this easier be adding this host into our SSH config file on our local computer:

vim ~/.ssh/config

Add the following:

Host deploy-ex
    User deployer
    IdentitiesOnly yes
    IdentityFile ~/.ssh/deploy_ex

Then try this out on the local computer:

ssh deploy-ex

That works!

We can then simplify our previous shell script from something like this:

#!/usr/bin/env bash
scp -o "PubkeyAuthentication no" ./* root@

To just this:

#!/usr/bin/env bash
scp ./* deploy-ex:/var/www/site/

All Topics