6

Note that this is the original article I've been following along with:
http://www.markdotto.com/2011/11/02/how-to-deploy-sites-via-github/

To give you a bit of background: We have a private repo set-up under an organisation account. We have three developers (myself included) who have our own accounts with GitHub and have administrator rights to the private repo.

While working on the project we clone the repo and then create a 'dev' branch. We each work from our own dev branch and push changes to the 'dev' branch on GitHub.

We want to get this dev branch onto our remote server so we can test the combined code works before merging it into our master branch (which should be clean/always deployable).

From here we're following the above article steps which is to connect to our server via SSH, go to the relevant directory where our website is hosted and run the following command...

git clone git@github.com:ORGANISATION/REPO.git dev

The first issue we had was our server returned the message...

Cloning into dev...
ssh: connect to host github.com port 22: Connection refused
fatal: The remote end hung up unexpectedly

...where I would have it expected it to ask us for a password?

So instead we tried the HTTP url...

git clone https://USER@github.com/ORGANISATION/REPO.git dev

...you'll notice the HTTP url uses my own USERNAME now when cloning. I enter my password and it displays Cloning into dev... but then it displays the following error...

error: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed while accessing https://Integralist@github.com/StormCreative/MoneyRepublic.com.git/info/refs
fatal: HTTP request failed

...I don't understand the error.

So how do we clone this private repo onto our server?

Any help appreciated!

Kind regards, Mark

Integralist
  • 2,161
  • 1
  • 32
  • 50
  • possible duplicate of [HTTPS github access](http://stackoverflow.com/questions/3777075/https-github-access) – rtn Mar 13 '12 at 13:12

2 Answers2

11

The first issue happens because you don't have the local rsa key linked to your account on GitHub (and yes, you link the rsa key to your account, and the organisation is linked to your account as well).

In the local machine (or remote server) where you are trying to clone the repository, you need to generate a rsa key:

ssh-keygen -t rsa

When you are generating the key, you chose a password and a place to store the id_rsa.pub file, that actually contains the key.

On GitHub, you need to add this key, the exact content of id_rsa.pub, to your ssh keys on your account administration panel.

Daniel Ribeiro
  • 10,156
  • 12
  • 47
  • 79
  • thanks for the reply. I've tried generating a SSH using the command `ssh-keygen -t rsa -C "my-github-email-account"` and after it asked "Enter file in which to save the key (/root/.ssh/id_rsa): " I put "github_mark" and then entered a passphrase (twice). But I can't find the SSH key data which I need to copy so I can add it to GitHub's https://github.com/settings/profile#ssh_bucket page? – Integralist Mar 13 '12 at 16:07
  • I also assume that `/root/.ssh/id_rsa` can hold multiple keys hence why I was able to enter a name of `github_mark` before entering the passphrase. – Integralist Mar 13 '12 at 16:11
  • That's why they recommend you don't write anything in the "Enter file in which to save the key (/root/.ssh/id_rsa)" part. Just hit enter, chose the password and the public key will be in that exact path (/root/.ssh/id_rsa). – Daniel Ribeiro Mar 13 '12 at 16:13
  • So just to be clear if I don't provide a name and just hit enter then I can only generate one SSH key for cloning/pulling in this private repo? What about the other developers who have access to my server, as they would need to be able to git pull/clone etc as well. Would they be able to use the SSH key from their GH account? – Integralist Mar 13 '12 at 16:23
  • Each local machine (each developer) has its own rsa key. That's the whole point of being a key in the first place. I assume your local development machine is used just by you, and that's the most common way we developers use to do things. The basic is: each machine has its own public key, so you need to link all of the keys to your repository; or account, if the repo belongs to an organisation. – Daniel Ribeiro Mar 13 '12 at 16:27
  • Ah I see where the confusion has come from. We're not working locally. We have a live remote server set-up which is hosting the currently live site. We want to clone the repo into a sub folder so we can test the code on the live server environment. Ps, I set-up the SSH key on the live remote server as you have said and added that to my GH account but if I try and to a git clone I still get the error: `Cloning into dev... ssh: connect to host github.com port 22: Connection refused fatal: The remote end hung up unexpectedly` – Integralist Mar 13 '12 at 16:29
  • Well, if you have all ssh keys set up correctly, you may be facing a real error. Try running ssh git@github.com to see if the connection can be stabilished. What version of git do you have on the remote server? – Daniel Ribeiro Mar 13 '12 at 16:32
  • git version 1.7.4.1 is what's on the server, but running `ssh git@github.com` shows ssh: connect to host github.com port 22: Connection refused so I assume I'll need to contact our hosting company to open that port? – Integralist Mar 13 '12 at 16:34
  • That could be the problem, yes. Try contacting github's support as well. I guess my part is done. :) – Daniel Ribeiro Mar 13 '12 at 16:35
  • thanks :-) I should have the port opened by tomorrow morning so I can try again the SSH key I've set-up and added to my GH account. And if that works I'll see if the other devs can use the same SSH key (as it was set-up on the remote server without an email or name so I'm hoping it can be used under different GH accounts) – Integralist Mar 13 '12 at 16:46
  • They will be able to copy that key and use it in their local machines, but that doesn't make a whole lot of sense. Each developer should have it's own public key. – Daniel Ribeiro Mar 13 '12 at 16:48
0

I am not sure if i can help you with the error which looks like an SSL issue to me. But i can suggest you another approach. I deploy my blog to my server in this way:

  • I have created a git repo on the server called deploy.
  • I have added this deploy repo as a remote to my local repo.
  • I push the changes to this repo when i want to deploy.
  • Inside my deploy repo I have setup a post-receive hook so that whenever changes are pushed it automatically clones the repo on the server inside Apache's hosts directory which serves the latest version of my website.

I can provide you with the gist of my post-receive hook if you need it. If your website is in rails you can use Capistrano for deployment.

edit: here is my post-receive hook

GIT_REPO=$HOME/aliirz.git
PUBLIC_WWW=/var/www/myrepo

git clone $GIT_REPO $PUBLIC_WWW
exit

Regards

edit: drgomesp's answer above is totally the solution. It skipped my mind that you need your SSH keys to be hooked up with Github.

aliirz
  • 1,008
  • 2
  • 13
  • 25
  • thanks for the feedback - I'm just waiting for some feedback from @drgomesp so yes I'd like to see that post-receive hook as that could help also. – Integralist Mar 13 '12 at 16:10
  • Yes please if you could send over your post-receive hook as it seems that drgomesp's solution isn't working out at the moment (see our discussion) – Integralist Mar 13 '12 at 16:32