Capistrano, SSH Keys, and multiple Git repos

I hate monolithic software. It causes so many problems when trying to be fast and agile when refactoring or rolling out new features. Just like the single responsibility principle in SOLID,  I like clean separation of project concerns too. This leads me down a path of having multiple Git repositories, which in itself isn’t an issue, but it does tend to get a little tricky when using a service like GitHub or Bitbucket that requires SSH keys for deployment. So, how do I handle this?I thought it was going to be easy and I could just use the same SSH deployment key for all repos, but no luck, they have to be unique for each repo since it doesn’t know which key to use.

Screenshot of a capistrano deployment failing because of incorrect SSH keys

Here’s how I handle this situation. SSH config provides a simple way around this problem by mapping unique host to an IdentifyFile, i.e. deployment key

  1. Generate a key for each of the projects. I name my keys “<host>.<project>” so when I look at them later, I know where and what they’re for. Remember, this is done on the system that will be making the git requests, not your local machine.
  2. Add the public key to the respective project. I use but I assume GitHub works the same way.
  3. Update your ~/.ssh/config file to map the keys to the git host names.

Mine looks like this (I run 3 apps on this server):

Host bitbucket-project1
 User git
 IdentityFile ~/.ssh/bitbucket.project1
Host bitbucket-project2
 User git
 IdentityFile ~/.ssh/bitbucket.project2
Host bitbucket-project3
 User git
 IdentityFile ~/.ssh/bitbucket.project3

Now update your :repo_url to use this hostname:

set :repo_url, 'git@bitbucket-project1:my_account/project1.git'

Run capistrano and you should be good to go!

Be the first to leave a comment. Don’t be shy.

Join the Discussion

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>