I have a few web services that require secure tokens/keys/passwords to be passed in. Where should I define these secure values for my rails app to see? I want the development keys in version control, but don't want the production keys in version control. How should I set this up? I'm new to rails.

You see the question properly.

Put your passwords and keys in some yml file excluded from version control.

Then on your production server, create the very same file and symlink your app to it every time you deploy.

EDIT.

Capistrano is almost made to fits these needs:

• put your yml files in the shared folder

• In your capistrano deploy.rbfile:

  after 'deploy' do
    run "ln -s #{shared_path}/database.yml #{release_path}/config/database.yml"  
  end
  

• to work with yml files: http://railscasts.com/episodes/85-yaml-configuration-file

apneadiving is right, symlinking the files is a good idea. Another approach is to put the keys in the shell variables, accessible only to the user that runs the app. Then, in your rails app you'll have

login = ENV['SERVICE_LOGIN']
password = ENV['SERVICE_PASSWORD']

As of Rails 4.1.0, check out secrets.yml.