We use SVN (we’d like to use git, but we haven’t convinced TracGitPlugin to work for us yet) with SSH access to deploy our application.

Our application servers have SSH access to our master repository, but they must login with public keys only, and we prefer that they do so with the user id of the person doing the deploying.

So we have in our config/deploy.rb:

set :repository, "svn+ssh://"+ENV['USER']+"@svn.example.com/path/to/proj/repo//trunk"

Each of our application servers have a special login accessed by SSH public key authentication, which holds our source code. We don’t use sudo, but we probably should. Eventually, with git, we would expect to do a git push to our application server, and then it could do a local checkout. That would permit our application servers to operate with access to the SVN master system.

To get the public key authentication from application server to SVN master we needed to have SSH authentication agent forwarding. With Rails 1.2.3, we had to hack the file:

/var/lib/gems/1.8/gems/capistrano-2.0.0/lib/capistrano/ssh.rb

to add “:forward_agent => true”.

With 2.0.2, we can just add to config/deploy.rb:

set :ssh_options, { :forward_agent => true }

and every works the way we wanted.