Resolving Issues with Laravel Remote SSH Keys

I was recently banging my head over getting SSH keys to work with Laravel’s Remote Component. I’m apparently not alone in having problems getting this to work.

I set up my remote connection as expected, pointing to my SSH private key file:

'production' => array(
'host' => 'xxx',
'username' => getenv('SSH_USER'),
'password' => '',
'key' => '/Users/gtaylor/.ssh/id_rsa',
'keyphrase' => '',
'root' => '/var/www',

But received the following error message:

Unable to connect to remote server.

I tried a number of potential fixes (file permissions, pointing to the public key instead (more on that below), etc.), but I could not authenticate using the SSH key.

I was finally able to resolve this issue by creating new public/private keys for my remote. Once I pointed the config to the new private key(‘/Users/gtaylor/.ssh/xxx’), instead of the “generic” one (/Users/gtaylor/.ssh/id_rsa), it worked. However, it actually turns out that my “id_rsa” private key is encrypted and has a passphrase, but since I created it a long time ago and I am not prompted for the passphrase each time I use it, I assumed it didn’t. :/

Look for this at the top of the file:

Proc-Type: 4,ENCRYPTED

If you run into the same issue and know your passphrase, you can run the following command to create  de-crypted version (or simply use the keyphrase attribute in the remote config):

openssl rsa –in enc.key -out dec.key

Otherwise, Digital Ocean has a nice tutorial on creating a new key pair.

Also, in Jeffrey Way’s nice Laracast video on the Remote Component, he provides a quick example of using a key with an abbreviated path (‘~/.ssh/’) to the public key. Neither using an abbreviated path or pointing to the public key seems to work, so that might lead to confusion for some people.

Lastly, even though I’m using Vagrant for this particular app, I normally run artisan commands outside of Vagrant and with the OS X built-in PHP CLI (hence the path above to the private key). In this case, the default 600 file permissions should not be a problem.

I hope this helps somebody.