When cap deploy keeps asking for passwords even though you’ve set up your authorized_keys files, do two things:
First, check perms for the whole directory tree leading up to $HOME/.ssh:
server$ chmod go-w ~/
server$ chmod 700 ~/.ssh
server$ chmod 600 ~/.ssh/authorized_keys
Second, add the deploy user’s public key to the authorized_keys file. Test by ssh’ing to localhost. No password = good to go!