Forum: Ruby on Rails SwitchTower with public key authentication?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Pau Garcia i Quiles (Guest)
on 2006-01-22 19:07
(Received via mailing list)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

BEWARE: this is not a Rails question, but a SwitchTower question. I am
asking
here because SwitchTower is usually employed with Rails.


I am developing what we may call a "distributed video player" in Ruby
(this is
NOT a Rails application). It works this way: I have several boxes that
play
videos and one server, where I store the contents I will later send to
the
playing boxes (videos are played from local files, not streamed).

When I want to play a video, I want to play it at once in every box, so
I must
send it to every playing box, wait for the files to transfer to every
box,
then send a "play" command to every box.

I'm thinking of using SwitchTower to automate that step. The problem is
the
password to transfer the files. I've read
http://manuals.rubyonrails.com/read/chapter/97 and it looks like I need
to
have the same password for all servers. I don't like this approach very
much,
I think it's not very secure.

So the question is: is it possible to use public key authentication in
SwitchTower?

- --
Pau Garcia i Quiles
http://www.elpauer.org
(En general no puedo contestar antes de 10 días)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFD07uH/DzYv9iGJzsRAhwyAKCb2tvH1glmddmOrHtLRqIXupYaRgCg0z81
jGSX+KdPX5qYs+wGZCmNM3w=
=kZRS
-----END PGP SIGNATURE-----
Gijs van Tulder (Guest)
on 2006-01-22 20:30
(Received via mailing list)
Hi Pau,

You can use ssh-agent and ssh-add to make your public keys available
for every ssh connection. If you do that and then run Switchtower, you
don't have to enter any passwords. It'll use the keys it gets from the
ssh-agent.

I used this page to set up my ssh-agent:
http://mah.everybody.org/docs/ssh

Hope that helps,

Gijs van Tulder
Guido S. (Guest)
on 2006-01-22 21:22
(Received via mailing list)
I have ssh-agent working fine. Only when I try to connect to my own
host, then it asks for a password. Any ideas on how to make it work
from a host to the same host?

-- G.
Gijs van Tulder (Guest)
on 2006-01-22 21:34
(Received via mailing list)
> I have ssh-agent working fine. Only when I try to connect to my own
> host, then it asks for a password. Any ideas on how to make it work
> from a host to the same host?

Stupid question perhaps, but have you added the public key of your own
host to the list of authorized keys of that host (just like you've
done for the remote hosts)?

Gijs
Guido S. (Guest)
on 2006-01-22 22:23
(Received via mailing list)
On Jan 22, 2006, at 7:31 PM, Gijs van Tulder wrote:

>> I have ssh-agent working fine. Only when I try to connect to my own
>> host, then it asks for a password. Any ideas on how to make it work
>> from a host to the same host?
>
> Stupid question perhaps, but have you added the public key of your own
> host to the list of authorized keys of that host (just like you've
> done for the remote hosts)?
>
> Gijs

Not a stupid question at all. Have done that, tried the RSA key and
DSA key too. For various IP and name combinations too. Somehow, I
think it should be something I need to add to something in /etc/
ssh ... but I can't figure out exactly what.

-- G.
Gijs van Tulder (Guest)
on 2006-01-22 22:53
(Received via mailing list)
> Somehow, I think it should be something I need to add to
> something in /etc/ ssh ... but I can't figure out exactly what.

* In /etc/ssh/sshd_config, is PubkeyAuthentication set to yes?
* Also in /etc/ssh/sshd_config, check if the name of the
authorized_keys file is correct. (On some systems it's called
authorized_keys2.)
* Check the permissions of your ~/.ssh/ directory and the
authorized_keys file: chmod 755 and 644 respectively.

Gijs
Guido S. (Guest)
on 2006-01-23 00:16
(Received via mailing list)
On Jan 22, 2006, at 8:51 PM, Gijs van Tulder wrote:

> * In /etc/ssh/sshd_config, is PubkeyAuthentication set to yes?
> * Also in /etc/ssh/sshd_config, check if the name of the
> authorized_keys file is correct. (On some systems it's called
> authorized_keys2.)
> * Check the permissions of your ~/.ssh/ directory and the
> authorized_keys file: chmod 755 and 644 respectively.

All those appear to be in order. I double checked everything and was
on the verge on sending it to say that was the case, then I decided
to hunt a little more. I have a ssh agent that wasn't reading its
socket anymore. Started the app up again and it read its socket ok
(accepted ssh-add ~/.ssh/id_dsa.pub) but no joy.

Ultimately, it appears that what you thought to be a stupid question
was in fact the problem! Between mail and terminal, my brain forgot
each time to do AUTHORIZED_KEYS, and tab completed its way to
KNOWN_HOSTS. Blah! Sorry for wasting your time (and mine!) ... :-)
Methinks an empty one should be created by default ...

-- G.
This topic is locked and can not be replied to.