I have the following deploy script set up with Capistrano v3 and capistrano/symfony gem. I am deploying to an AWS EC2 instance with Ubuntu 14.4 I am connecting with a .pem file downloaded from AWS. I have the following in my deploy.rb

set :pty, true

set :ssh_options, {
  user: 'ubuntu',
  keys: ['/Users/myuser/Sites/Myproject.pem'],
  forward_agent: true,
  auth_methods: ["publickey"]
}

when deploying with

bundle exec cap staging deploy --trace

The script connects fine but fails on this

INFO [4fd1b02c] Running /usr/bin/env git ls-remote --heads git@github.com:MyName/Myproject.git as ubuntu@ec2-00-000-000-000.eu-west-1.compute.amazonaws.com
DEBUG [4fd1b02c] Command: ( SYMFONY_ENV=prod GIT_ASKPASS=/bin/echo GIT_SSH=/var/www/tmp/myproject/git-ssh.sh /usr/bin/env git ls-remote --heads git@github.com:MyName/Myproject.git )

DEBUG [4fd1b02c]    Permission denied (publickey).
DEBUG [4fd1b02c]    
DEBUG [4fd1b02c]    fatal: Could not read from remote repository.
DEBUG [4fd1b02c]    
DEBUG [4fd1b02c]    
DEBUG [4fd1b02c]    Please make sure you have the correct access rights
DEBUG [4fd1b02c]    
DEBUG [4fd1b02c]    and the repository exists.
DEBUG [4fd1b02c] 

cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as ubuntu@ec2-00-000-000-000.eu-west-1.compute.amazonaws.com: git exit status: 128
git stdout: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
git stderr: Nothing written

I don't know why forward_agent is not working?

I have been trying to follow this guide - https://developer.github.com/guides/using-ssh-agent-forwarding/#testing-ssh-agent-forwarding

but when I get to this

echo "$SSH_AUTH_SOCK"

It prints a blank line.

Also if I run this on the server it says command not found

sshd_config

Double-check that the user running Capistrano has ssh-agent running and has ssh-added the relevant key.

Here are some good guides:

https://developer.github.com/guides/using-ssh-agent-forwarding/

http://mah.everybody.org/docs/ssh

The solution to my problem was two things. Firstly I had to forward my id_rsa in the script like this:

set :ssh_options, {
  user: 'ubuntu',
  keys: ['~/.ssh/id_rsa'],
  forward_agent: true,
  auth_methods: ["publickey"]
}

I put my id_rsa.pub key on the server so that I could ssh into the server with the same key as i was forwarding.

The second thing I had to do was set the permissions on /tmp using

chmod 1777 /tmp

I have faced similar issue during the cap run "$ bundle exec cap test deploy"

Error : 
git stdout: Nothing written
git stderr: Warning: Permanently added the RSA host key for IP address 'xxxxxxxxx' to the list of known hosts.
Permission denied (publickey).
fatal: Could not read from remote repository.

For this scenario, we need to authenticate github account using ssh key

Navigate to the github -> Settings -> SSH and GPG keys (section) -> Add "New SSh Key", copy your public key($ ssh-keygen #generate new key)) and paste key input field. Once the key is added, using this command "$ ssh -T git@github.com" check the authentication. It will shows following output

Hi <xxxxxxxx>! You've successfully authenticated, but GitHub does not provide shell access.

Now It is working fine!.