Google Groups Home Help | Sign in
Capistrano
Home
+ new post
Pages
Files
About this group
Join this group
Possible issue with Cap 1.4.1 and net-ssh 1.1.0?
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   15 messages - Collapse all
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
wselman@gmail.com  
View profile
  More options May 1 2007, 1:12 pm
From: "wsel...@gmail.com" <wsel...@gmail.com>
Date: Tue, 01 May 2007 17:12:15 -0000
Local: Tues, May 1 2007 1:12 pm
Subject: Possible issue with Cap 1.4.1 and net-ssh 1.1.0?
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
I'm currently using Capistrano 1.4.1 and I upgraded net-ssh to version
1.1.0 this morning.  I'm also using Jim Morris's SCM module for local
SVN access. When I try to deploy, my deployment blows up when trying
to connect to my remote server with the following output (I've replace
my fingerprint and server name to protect the innocent):

  * querying latest revision...
  * local executing: svn export    -q -r15800 svn+ssh://dev/vol2/svn/
fsg/cap-one/branches/PR3 /tmp/CAP_TEMP_1178037278.66282
  * local creating tar file: /tmp/CAP_TEMP_1178037278.66282.tar.gz
  * sending tar file: /tmp/CAP_TEMP_1178037278.66282.tar.gz to remote /
tmp/CAP_TEMP_1178037278.66282.tar.gz
   servers: ["myserver"]
*** [update_code] transaction: rollback
  * [update_code] rolling back
  * executing "rm -rf /var/www/www.myserver.com/releases/
20070501163438"
    servers: ["myserver"]
 ** [update_code] exception while rolling back:
Net::SSH::HostKeyMismatch, fingerprint my_fingerprint does not match
for myserver
/opt/local/lib/ruby/gems/1.8/gems/net-ssh-1.1.0/lib/net/ssh/host-key-
verifier.rb:47:in `process_cache_miss': fingerprint my_fingerprint
does not match for myserver (Net::SSH::HostKeyMismatch)
        from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-1.1.0/lib/net/
ssh/host-key-verifier.rb:38:in `verify'
        from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-1.1.0/lib/net/
ssh/lenient-host-key-verifier.rb:9:in `verify'
        from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-1.1.0/lib/net/
ssh/transport/kex/dh.rb:165:in `verify_server_key'
        from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-1.1.0/lib/net/
ssh/transport/kex/dh.rb:232:in `exchange_keys'
        from /opt/local/lib/ruby/gems/1.8/gems/needle-1.3.0/lib/needle/
lifecycle/proxy.rb:60:in `__send__'
        from /opt/local/lib/ruby/gems/1.8/gems/needle-1.3.0/lib/needle/
lifecycle/proxy.rb:60:in `method_missing'
        from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-1.1.0/lib/net/
ssh/transport/session.rb:182:in `exchange_keys'
        from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-1.1.0/lib/net/
ssh/transport/session.rb:143:in `kexinit'
         ... 57 levels...
        from /opt/local/lib/ruby/gems/1.8/gems/capistrano-1.4.1/lib/
capistrano/cli.rb:12:in `execute!'
        from /opt/local/lib/ruby/gems/1.8/gems/capistrano-1.4.1/bin/
cap:11
        from /opt/local/bin/cap:18:in `load'
        from /opt/local/bin/cap:18

I rolled back my net-ssh version installed to 1.0.10 and everything
works fine.  There weren't any warnings I noticed about version
incompatibilities on the announcement page.  Has anyone else
encountered this?


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Jamis Buck  
View profile
  More options May 1 2007, 1:17 pm
From: Jamis Buck <ja...@37signals.com>
Date: Tue, 1 May 2007 11:17:58 -0600
Local: Tues, May 1 2007 1:17 pm
Subject: Re: [Capistrano] Possible issue with Cap 1.4.1 and net-ssh 1.1.0?
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Try this:

   ssh_options[:paranoid] = false

That'll skip any host key verification.

If you try to use the command-line ssh client to connect to  
"myserver", do you get any hostkey mismatch warnings?

- Jamis

On May 1, 2007, at 11:12 AM, wsel...@gmail.com wrote:


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Jonathan del Strother  
View profile
  More options May 1 2007, 4:54 pm
From: Jonathan del Strother <jdelStrot...@gmail.com>
Date: Tue, 01 May 2007 20:54:05 -0000
Local: Tues, May 1 2007 4:54 pm
Subject: Re: Possible issue with Cap 1.4.1 and net-ssh 1.1.0?
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
I was getting this earlier, and I don't get it through command line
ssh.
In my case, I connect to multiple servers through one ip, with
different ports.  ssh by default complains about mismatched host keys
with this configuration, until I persuaded it that they really were
different servers by setting HostKeyAlias on each server in .ssh/
config
I wonder if the same problem is causing problems in net-ssh...

On May 1, 6:17 pm, Jamis Buck <j...@37signals.com> wrote:


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
LarryK  
View profile
  More options May 1 2007, 4:55 pm
From: LarryK <larryklu...@gmail.com>
Date: Tue, 01 May 2007 20:55:04 -0000
Local: Tues, May 1 2007 4:55 pm
Subject: Re: Possible issue with Cap 1.4.1 and net-ssh 1.1.0?
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Yes, I also had a problem with net-ssh 1.1.0

Error received on a winXP box with current capistrano and other gems
(fresh install)

When doing cap setup:

 getnameinfo: address family for hostname not supported. (SocketError)
(see longer log below)

Moving to older net-ssh gem ver 1.0.10
solved the problem.

Regards,

LarryK in New York City

~~~~~~~~~

C:\instant_rails_1.7\InstantRails\rails_apps\am2>cap setup
  * executing task setup
  * executing "umask 02 &&\n    mkdir -p /home2/ma1_deploy /home2/
ma1_deploy/releases /home2/ma1_deploy/shared /home2/ma1_deploy/shared/
system &&\n    mkdir -p /home2/ma1_deploy/shared/log &&\n    mkdir -p /
home2/ma1_deploy/shared/pids"
    servers: ["192.168.22.2"]
C:/instant_rails_1.7/InstantRails/ruby/lib/ruby/gems/1.8/gems/net-
ssh-1.1.0/lib/net/ssh/transport/session.rb:108:in `getnameinfo':
getnameinfo: address family for hostname not supported. (SocketError)


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Jamis Buck  
View profile
  More options May 1 2007, 5:01 pm
From: Jamis Buck <jamis.b...@gmail.com>
Date: Tue, 1 May 2007 15:01:46 -0600
Local: Tues, May 1 2007 5:01 pm
Subject: Re: [Capistrano] Re: Possible issue with Cap 1.4.1 and net-ssh 1.1.0?
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Grrr.

I hate Windows.

Can someone with Windows networking chops take a look at that and see  
if they can figure out why Net::SSH is choking? Otherwise, I'm just  
going to add a caveat saying Windows users are out of luck and should  
not upgrade.

- Jamis

On May 1, 2007, at 2:55 PM, LarryK wrote:


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Ed Wagner  
View profile
  More options May 1 2007, 6:28 pm
From: Ed Wagner <wagner...@gmail.com>
Date: Tue, 01 May 2007 15:28:54 -0700
Local: Tues, May 1 2007 6:28 pm
Subject: Re: Possible issue with Cap 1.4.1 and net-ssh 1.1.0?
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
For what it's worth, I'm seeing the same error on OS X with a pretty
fresh set of gems. The command line ssh works fine, and net-ssh 1.0.10
doesn't complain. The fingerprint that net-ssh 1.1.0 sees is in fact
different than the one that the command line ssh (OpenSSH_4.5p1) sees.

On May 1, 12:17 pm, Jamis Buck <j...@37signals.com> wrote:


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
wselman@gmail.com  
View profile
  More options May 2 2007, 10:24 am
From: "wsel...@gmail.com" <wsel...@gmail.com>
Date: Wed, 02 May 2007 14:24:34 -0000
Local: Wed, May 2 2007 10:24 am
Subject: Re: Possible issue with Cap 1.4.1 and net-ssh 1.1.0?
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
I'm also remote deploying from OS X.

Adding "ssh_options[:paranoid] = false" does solve the problem.
Looking through the 1.0.10 docs, it looks like no hostkey verification
was performed, so this option will set 1.1.0 to behave as it was
before.

Command-line ssh into the server works fine as it always has, so I'm
still not clear on why Net::SSH is throwing Net::SSH::HostKeyMismatch.

On May 1, 5:28 pm, Ed Wagner <wagner...@gmail.com> wrote:


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Chris Andrews  
View profile
 (1 user)  More options May 2 2007, 11:45 am
From: Chris Andrews <chrisnod...@gmail.com>
Date: Wed, 02 May 2007 15:45:19 -0000
Local: Wed, May 2 2007 11:45 am
Subject: Re: Possible issue with Cap 1.4.1 and net-ssh 1.1.0?
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
[repost from correct address, i hope]

This is coming from the 'peer' method in lib/net/ssh/transport/
session.rb:

        # Returns info about the remote peer
        def peer
          @peer ||= begin
            addr = @socket.getpeername
            ip_address = Socket.getnameinfo(addr,
Socket::NI_NUMERICHOST).first
            { :ip => ip_address, :port => @port.to_i, :host => @host }
          end
        end

I was able to replicate this problem on windows, with this code:

  require 'socket'
  include Socket::Constants
  socket = Socket.new( AF_INET, SOCK_STREAM, 0 )
  sockaddr = Socket.pack_sockaddr_in( 80, 'www.google.com' )
  socket.connect( sockaddr )
  addr = socket.getpeername
  ip_address = Socket.getnameinfo(addr, Socket::NI_NUMERICHOST).first

which gives:

test.rb:11:in `getnameinfo': getnameinfo: address family for hostname
not supported. (SocketError)
        from test.rb:11

It looks like this solves it:

  ip_address = Socket.getnameinfo(addr, Socket::NI_NUMERICHOST |
Socket::NI_NUMERICSERV).first

I've not tested this in capistrano or even Net::SSH (though I will
later, on OSX), but it should help.

I suspect the reason we don't see this everywhere is that it depends
on the combination of IPv6 support in your kernel, in your resolver
and in your ruby build.

Chris.

On May 1, 10:01 pm, Jamis Buck <jamis.b...@gmail.com> wrote:


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Michael Hartl  
View profile
  More options May 8 2007, 1:35 pm
From: Michael Hartl <mha...@gmail.com>
Date: Tue, 08 May 2007 17:35:33 -0000
Local: Tues, May 8 2007 1:35 pm
Subject: Re: Possible issue with Cap 1.4.1 and net-ssh 1.1.0?
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
I found this thread by dropping the error message into Google.  I'm
having the same problem on Linux (CentOS).  Setting
ssh_options[:paranoid] = false works for me as well.

My command-line ssh works fine currently, but errors like this do
happen when hosts move; fixing them usually involves editing the
~/.ssh/known_hosts file.  Might something like that work here?  Where
does the net-ssh host key cache live?

Michael


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Jamis Buck  
View profile
  More options May 8 2007, 2:32 pm
From: Jamis Buck <jamis.b...@gmail.com>
Date: Tue, 8 May 2007 12:32:06 -0600
Local: Tues, May 8 2007 2:32 pm
Subject: Re: [Capistrano] Re: Possible issue with Cap 1.4.1 and net-ssh 1.1.0?
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
On May 8, 2007, at 11:35 AM, Michael Hartl wrote:

> I found this thread by dropping the error message into Google.  I'm
> having the same problem on Linux (CentOS).  Setting
> ssh_options[:paranoid] = false works for me as well.

> My command-line ssh works fine currently, but errors like this do
> happen when hosts move; fixing them usually involves editing the
> ~/.ssh/known_hosts file.  Might something like that work here?  Where
> does the net-ssh host key cache live?

It uses the same known_hosts file as the OpenSSH command-line client  
(~/.ssh/known_hosts).

- Jamis


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
casey helbling  
View profile
  More options May 8 2007, 5:35 pm
From: casey helbling <caseyhelbl...@gmail.com>
Date: Tue, 08 May 2007 21:35:12 -0000
Local: Tues, May 8 2007 5:35 pm
Subject: Re: Poss