Net::SSH::AuthenticationFailed が解決できない

作成中のRailsアプリケーションをEC2に手動デプロイしました。
ローカルで編集したファイルをmasterにpushして、 EC2から git pull して変更を取り込んでいました。

自動デプロイに挑戦してみようと思い、(Capistrano編)世界一丁寧なAWS解説。EC2を利用して、RailsアプリをAWSにあげるまで - Qiitaを参考にさせていただき、
bundle exec cap production deploy してみたところ、下記のようなエラーが出てきてしまいました。
エラー文で調べてみましたが、なかなか上手くいきませんでした。
(ssh-addすると解決するという記事が多かったので試してみましたが、上手くいきませんでした。)
SSH周りのエラーのようですが、EC2には変わらずSSHでログインできていますし、ログインするための鍵へのパスも設定ファイルに記述しているはずなのですが....
このエラーに関して、解決方法をご教示いただけませんでしょうか。何卒よろしくお願いいたします。

【環境】
Docker(ローカル環境のみ)
Rails5.2
ruby2.5.8
Mysql
Unicorn
Nginx

$ docker compose run web bundle exec cap production deploy
Starting producer_db_1 ... done
#<Thread:0x000055662e39fd70@/usr/local/bundle/gems/sshkit-1.21.0/lib/sshkit/runners/parallel.rb:10 run> terminated with exception (report_on_exception is true):
Traceback (most recent call last):
        1: from /usr/local/bundle/gems/sshkit-1.21.0/lib/sshkit/runners/parallel.rb:11:in `block (2 levels) in execute'
/usr/local/bundle/gems/sshkit-1.21.0/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute': Exception while executing as ec2-user@{EC2の固定IP}: Authentication failed for user ec2-user@{EC2の固定IP} (SSHKit::Runner::ExecuteError)
(Backtrace restricted to imported tasks)
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as ec2-user@{EC2の固定IP}: Authentication failed for user ec2-user@54.248.73.171


Caused by:
Net::SSH::AuthenticationFailed: Authentication failed for user ec2-user@{EC2の固定IP}

#/workspace/appname/config/deploy/production.rb

# server-based syntax
# ======================
# Defines a single server with a list of roles and multiple properties.
# You can define all roles on a single server, or split them:

server "{EC2の固定IP}", user: "ec2-user", roles: %w{app db web}
# server "example.com", user: "deploy", roles: %w{app web}, other_property: :other_value
# server "db.example.com", user: "deploy", roles: %w{db}



# role-based syntax
# ==================

# Defines a role with one or multiple servers. The primary server in each
# group is considered to be the first unless any hosts have the primary
# property set. Specify the username and a domain or IP for the server.
# Don't use `:all`, it's a meta role.

# role :app, %w{deploy@example.com}, my_property: :my_value
# role :web, %w{user1@primary.com user2@additional.com}, other_property: :other_value
# role :db,  %w{deploy@example.com}



# Configuration
# =============
# You can set any configuration variable like in config/deploy.rb
# These variables are then only loaded and set in this stage.
# For available Capistrano configuration variables see the documentation page.
# http://capistranorb.com/documentation/getting-started/configuration/
# Feel free to add new variables to customise your setup.



# Custom SSH Options
# ==================
# You may pass any option but keep in mind that net/ssh understands a
# limited set of options, consult the Net::SSH documentation.
# http://net-ssh.github.io/net-ssh/classes/Net/SSH.html#method-c-start
#
# Global options
# --------------
 set :ssh_options, keys: "~/.ssh/EC2にSSHでログインするための秘密鍵.pem"
 
#
# The server-based syntax can be used to override options:
# ------------------------------------
# server "example.com",
#   user: "user_name",
#   roles: %w{web app},
#   ssh_options: {
#     user: "user_name", # overrides user setting above
#     keys: %w(/home/user_name/.ssh/id_rsa),
#     forward_agent: false,
#     auth_methods: %w(publickey password)
#     # password: "please use keys"
#   }

# config/deploy.rb

# config valid for current version and patch releases of Capistrano
lock "~> 3.14.1"

set :application, "{アプリ名}"
set :repo_url, "git@github.com:{自分の名前}/{アプリ名}.git"

set :branch, "master"
# ask :branch, `git rev-parse --abbrev-ref HEAD`.chomp

# Default deploy_to directory is /var/www/my_app_name
set :deploy_to, "/var/www/rails/{アプリ名}"

# Default value for :format is :airbrussh.
# set :format, :airbrussh

# You can configure the Airbrussh format using :format_options.
# These are the defaults.
# set :format_options, command_output: true, log_file: "log/capistrano.log", color: :auto, truncate: :auto

# Default value for :pty is false
# set :pty, true

# Default value for :linked_files is []
set :linked_files, fetch(:linked_files, []).push('config/settings.yml')

# Default value for linked_dirs is []
set :linked_dirs, fetch(:linked_dirs, []).push('log', 'tmp/pids', 'tmp/cache', 'tmp/sockets', 'vendor/bundle', 'public/system')

# Default value for default_env is {}
# set :default_env, { path: "/opt/ruby/bin:$PATH" }

# Default value for local_user is ENV['USER']
# set :local_user, -> { `git config user.name`.chomp }

# Default value for keep_releases is 5
set :keep_releases, 5

set :rbenv_ruby, '2.5.8'

set :log_level, :debug

namespace :deploy do
  desc 'Restart application'
  task :restart do
    invoke 'unicorn:restart'
  end

  desc 'Create database'
  task :db_create do
    on roles(:db) do |host|
      with rails_env: fetch(:rails_env) do
        within current_path do
          execute :bundle, :exec, :rake, 'db:create'
        end
      end
    end
  end

  desc 'Run seed'
  task :seed do
    on roles(:app) do
      with rails_env: fetch(:rails_env) do
        within current_path do
          execute :bundle, :exec, :rake, 'db:seed'
        end
      end
    end
  end

  after :publishing, :restart

  after :restart, :clear_cache do
    on roles(:web), in: :groups, limit: 3, wait: 10 do
    end
  end
end


# Uncomment the following to require manually verifying the host key before first deploy.
# set :ssh_options, verify_host_key: :secure

行動規範の内容に同意します

回答2件

dockerコンテナに、 "/.ssh/EC2にSSHでログインするための秘密鍵.pem"がないという可能性はないでしょうか？
もしなければ
方法①　ローカルの/.ssh をマウントする
方法②　応急処置にはなりますが、pemの中身をコピーしてdockerコンテナの~/sshに持っていく
などで解決できると思います。

投稿2020/08/08 11:31