DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=43083>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=43083 Summary: [SUBMIT] sshsession task Product: Ant Version: 1.7Alpha (nightly) Platform: All OS/Version: other Status: NEW Severity: enhancement Priority: P2 Component: Optional Tasks AssignedTo: dev@ant.apache.org ReportedBy: [EMAIL PROTECTED] Sshsession is a container task which establishes an SSH connection, and optionally any number of local or remote tunnels over that connection, then executes any nested tasks before taking down the connection. My purpose in writing it is that we use cvs, and secure all access by only allowing cvs connections from localhost, which are tunneled over SSH connections. Establishing those connections is the only manual step in an otherwise automated build process. While I could use exec to issue the putty command (this is done on windoze) conditionally if a server is not already accessible at localhost port 2401, it gets more complicated with a passphrase on the keypair being used. Furthermore, there was no way to ensure that an existing connection is the connection we should be using, and no way to bring the connection down once we are done with it. So I wrote SSHSession, extending SSHBase. The sshsession task establishes an SSH connection with a remote machine running SSH daemon, optionally establishes any number of local or remote tunnels over that connection, then executes any nested tasks before taking down the connection. SSHSession is adapted from SSHExec, though all the command execution related properties and logic were removed. I added support for defining the tunnels via properties and/or nested elements. I only needed local port forwarding, but added remote port forwarding for completeness. Using SSHSession with a local tunnel (2401:localhost:2401) and nested CVS commands does exactly what we need. Other uses could involve anything needing to make a TCP connection to a server not otherwise accessible through a firewall, e.g. HTTP <get>, SMTP <mail>, JDBC <sql>... Because I've utilized the existing authentication and connection logic from SSHExec and SSHBase, the new task is as reliable in that regard as SSHExec. I've personally tested only the keypair with passphrase method of authentication, but I tested both local and remote port forwarding. I have no server setup to accomodate testing the other authentication options. In the attached svn diff, please find SSHSession.java, sshsession.html, and mods to defaults.properties and optionaltasklist.html -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
