Summary
When a server has broken IPv6 connectivity, Vito's site installation fails at the git clone step (~30% progress) with an SSH error. The root cause is how Vito generates per-site SSH configs — the host alias format prevents standard IPv6 workarounds from working.
Environment
- Vito version: latest
- OS: Ubuntu 24.04
- Server has IPv6 configured but unreachable (common on many VPS providers)
What Vito Generates
For each site, Vito creates an SSH config like this (e.g. /home/<site-user>/.ssh/config):
Host github.com-site_55
Hostname github.com
IdentityFile=~/.ssh/site_55
Git clone uses this alias: git clone git@github.com-site_55:user/repo.git
The Problem
On servers with broken IPv6, SSH tries to connect via IPv6 first → Network is unreachable → git clone times out or fails.
The natural fix is to add AddressFamily inet to /etc/ssh/ssh_config:
Host github.com
AddressFamily inet
But this does NOT work. SSH matches Host patterns against the hostname used in the command (github.com-site_55), not against the resolved Hostname value (github.com). So Host github.com never matches the alias github.com-site_55.
Diagnosis
The error in Vito logs is typically:
ssh: connect to host github.com port 22: Network is unreachable
or a timeout after ~46 seconds, reported as "SSH command failed".
Users who add the correct GitHub deploy key but still see this error are likely hitting this IPv6 issue, not an authentication problem.
Workaround
Add AddressFamily inet to the Host * block in /etc/ssh/ssh_config (requires root):
Host *
AddressFamily inet
# ... other options
This applies to ALL SSH connections server-wide. On servers where IPv6 is non-functional, this is safe and desirable.
Suggested Fix
Vito should add AddressFamily inet to the per-site SSH config it generates:
Host github.com-site_55
Hostname github.com
IdentityFile=~/.ssh/site_55
AddressFamily inet
This would make Vito resilient to broken IPv6 without requiring manual server configuration.
Impact
This is a silent failure — the error message "SSH command failed" gives no indication of IPv6 being the root cause. Users typically try re-adding deploy keys repeatedly without success. IPv6 being broken (but configured) is common on many VPS/cloud providers.
Summary
When a server has broken IPv6 connectivity, Vito's site installation fails at the git clone step (~30% progress) with an SSH error. The root cause is how Vito generates per-site SSH configs — the host alias format prevents standard IPv6 workarounds from working.
Environment
What Vito Generates
For each site, Vito creates an SSH config like this (e.g.
/home/<site-user>/.ssh/config):Git clone uses this alias:
git clone git@github.com-site_55:user/repo.gitThe Problem
On servers with broken IPv6, SSH tries to connect via IPv6 first →
Network is unreachable→ git clone times out or fails.The natural fix is to add
AddressFamily inetto/etc/ssh/ssh_config:But this does NOT work. SSH matches
Hostpatterns against the hostname used in the command (github.com-site_55), not against the resolvedHostnamevalue (github.com). SoHost github.comnever matches the aliasgithub.com-site_55.Diagnosis
The error in Vito logs is typically:
or a timeout after ~46 seconds, reported as "SSH command failed".
Users who add the correct GitHub deploy key but still see this error are likely hitting this IPv6 issue, not an authentication problem.
Workaround
Add
AddressFamily inetto theHost *block in/etc/ssh/ssh_config(requires root):This applies to ALL SSH connections server-wide. On servers where IPv6 is non-functional, this is safe and desirable.
Suggested Fix
Vito should add
AddressFamily inetto the per-site SSH config it generates:This would make Vito resilient to broken IPv6 without requiring manual server configuration.
Impact
This is a silent failure — the error message "SSH command failed" gives no indication of IPv6 being the root cause. Users typically try re-adding deploy keys repeatedly without success. IPv6 being broken (but configured) is common on many VPS/cloud providers.