Hi Mykel,
You can set up Maven to use putty as your ssh client. Then you can use you
putty keys and pageant.
You do this by adding the following to your server configuration in
settings.xml:
<server>
<id>server-id</id>
<username>username</username>
<configuration>
<sshExecutable>plink</sshExecutable>
<scpExecutable>pscp</scpExecutable>
</configuration>
</server>
You can find more documentation in "Guide to deploying with an external SSH
command", which can usually be found from
http://maven.apache.org/guides/index.html. However, that link seems to be
broken at the moment :-(
Best regards
Simon Kepp Nielsen, Configurations Manager
PFA Pension, Teknisk Arkitektur
Mobile: +45 30 52 77 07
E-mail: [EMAIL PROTECTED]
PFA Pension
Sundkrogsgade 4
DK-2100 Copenhagen OE
Disclaimer
This message is for the designated recipient only and may contain confidential
or privileged information. If you have received the message in error, please
notify the sender by replying the e-mail and delete the message without copying
or disclosing.
-----Oprindelig meddelelse-----
Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af Mykel Alvis
Sendt: 28. juli 2006 08:02
Til: Maven Users List
Emne: M2 Problems using wagon-ssh and scp site:deploy, but eventual success
I'm just a caveman programmer, and my attempts to use the wagon-ssh extension
were failing under strange circumstances. Come close around the fire while I
tell the story of what I call "The Demon of Attempting To Deploy Using SSH
Under Windows".
It all started yesterday.....
{cue the Scooby Doo wavy lines, and/or the Mr. Peabody and Sherman noises...}
I had the latest update of the maven eclipse plugin as well as maven
2.0.4installed on the machine that I ran these scenarios with. The username on
the Windows box I was using is "Mykel". I had already supplied the receiving
host with my public key, which I generated using putty-0.58
In my pom.xml :
<build>
<extensions>
<extension>
<groupId>org.apache.maven.wagon</groupId>
<artifactId>wagon-ssh</artifactId>
<version>1.0-beta-1</version>
</extension>
</extensions>
</build>
<distributionManagement>
<site>
<id>site-id</id>
<name>Sourceforge Site</name>
<url>scp://shell.sourceforge.net/home/groups/r/rp/rpgee/htdocs/</url>
</site>
</distributionManagement>
In my settings.xml :
<server>
<id>site-id</id>
<username>myusername</username>
<privateKey>c:/putty/sourceforge-Shell.ppk</privateKey>
<passphrase>passphrase</passphrase>
<directoryPermissions>775</directoryPermissions>
<filePermissions>664</filePermissions>
</server>
The .ppk file indicated is the same one I was supplying to pageant to allow my
caveman brain to not have to remember the passwords for the remote hosts.
I had decided that I was simply not going to be able to invoke the site:deploy
command from inside the maven2 eclipse plugin. It has never worked on either
windows or linux. I like the eclipse plugin quite a lot, but I can't ever seem
to get it to invoke a deployment successfully.
I eventually accepted the "fact" that pageant was NOT going to authenticate me
via maven, and in doing so I said "yes" when asked if I wanted to trust the
remote box. It added shell.sourceforge.net to known_hosts inside c:\documents
and settings\Mykel\.ssh\known_hosts (which had to be created from the command
line since XP didn't want to let me name a directory ".ssh").
Note that I BELIEVE putty puts its known_hosts in c:\documents and
settings\Mykel\ssh\known_hosts (ssh with no leading period) I already had that
directory with a known_hosts file in it. I'm not saying the maven plugin is
wrong. I'm just a caveman programmer and it seems like it isn't doing what I
believe putty does. Under windows, putty isn't the ONLY ssh client. Just the
one used by caveman programmers.
But I digress...
The site deployment using scp seems to work fairly well under linux. The
openssh key swap that I had to do to make it work smoothly wasn't so bad and I
haven't experienced a problem, although I have not yet tried to deploy to
sourceforge using linux yet so I might be wrong about that. But all in all,
the linux deploys seem to go smoothly.
Under windoze, things are slightly different:
doing a mvn site:deploy, I was greeted with the following:
--------------------------------------------------------
Using private key: c:\putty\sourceforge-Shell.ppk
Identity: com.jcraft.jsch.JSchException: invaid privatekey:
c:\putty\sourceforge-Shell.ppk
Session error: com.jcraft.jsch.JSchException: invaid privatekey:
c:\putty\sourceforge-Shell.ppk
scp://shell.sourceforge.net/home/groups/r/rp/rpgee/htdocs/ - Session:
Disconnecting
scp://shell.sourceforge.net/home/groups/r/rp/rpgee/htdocs/ - Session:
Disconnected
[INFO]
------------------------------------------------------------------------
[ERROR] BUILD ERROR
[INFO]
------------------------------------------------------------------------
[INFO] Error uploading site
Embedded error: Cannot connect. Reason: invaid privatekey:
c:\putty\sourceforge-Shell.ppk
--------------------------------------------------------
Apparently, that's a invalid private key. Paegent thinks it's OK and I can use
putty to ssh to the shell.sourceforge.net server without entering my passphrase
more than once or a password at all. So, of course, I think the key is good.
But what do I know? I'm just a caveman programmer.
I noticed, when I invoked the site:deploy WITHIN THE IDE that no matter what I
tried in settings.xml, it still sent my WINDOWS username ("Mykel") instead of
my sourceforge username ("myusername").
That is, within the eclipse plugin it was invoking an ssh call to [EMAIL
PROTECTED] instead of [EMAIL PROTECTED] . I didn't know why, but I'm just a
caveman programmer.
This is a clip of the output log from within eclipse using the above settings.
[DEBUG] (f) project = [EMAIL PROTECTED]
[DEBUG] (f) settings = [EMAIL PROTECTED]
[DEBUG] -- end configuration --
[INFO] site:deploy
Password for [EMAIL PROTECTED]: <--- and the prompt is waiting
for me to log in. I can't since Mykel isn't my sourceforge shell user name
So I changed settings.xml to this:
--------------------
<server>
<id>site-id</id>
<username>myusername</username>
<!--
<privateKey>c:/putty/sourceforge- Shell.ppk</privateKey>
<passphrase>passphrase</passphrase>
-->
<directoryPermissions>775</directoryPermissions>
<filePermissions>664</filePermissions>
</server>
Now I'm just a caveman programmer, so I reverted back to the old ways. The
ways before the coming of the IDE. When vi was the editor of the masses and
the shamans used emacs to commune with the gods.
I went back to the old ways and used.... THE COMMAND LINE.
I invoked mvn site:deploy using the old ways, and it prompted me for the
password for my actual sourceforge id
[INFO] task-segment: [site:deploy]
[INFO]
----------------------------------------------------------------------------
[INFO] [site:deploy]
Password for [EMAIL PROTECTED]:
SO...on the command line I typed in my password (to my sourceforge account) and
the site deployd without a hitch. So the scp url WILL work with the correct
password supplied, assuming you can get the plugin to send the correct
username. If I add a <password>mysourceforgepassword</password>
element to the <server> it doesn't even ask for the password. It just reads
it from the server config. The old ways were always best.
Obviously, it's great that the site deploys but that doesn't seem quite right.
I think it's sending the password across the wire unencrypted. I don't know
that for sure. After all, I'm just a caveman programmer. I spent about an
hour trying to dig out the answer in the maven wagon source.
I wasn't facile enough with that source to make a determination, but I'm just a
caveman programmer.
After sniffing the dirt and reading the patterns of migrating birds, my
investigations led me to the following conclusions:
1. Within the eclipse ide, the username supplied to a server that uses the ssh
wagon is the Windows username, not the username specified in the settings.xml .
It appears that I am too much of a caveman to figure out why. Also, I stopped
caring when it became apparent that that effect only occurred within the
eclipse plugin using the m2 invoker. And since it worked on the command line,
I used the External Tools and invoked the mvn.bat of my maven 2.0.4 install
directly and it worked fine from inside the IDE (as an external tool program
invocation, not as an m2 build invocation).
2. The key file I produced using puttygen (version 0.58 in my case) is
incompatible with the ssh wagon. This one was nagging me, like when the elk
manages to escape even though you have stalked it for many hours.
I remembered an Export function in puttygen. I started puttygen and looked for
that function. "Export" looked like a promising menu choice. As did "OpenSSH
key" under "Export".
It turns out that if one loads the private key back into puttygen in and
"Exports"->"OpenSSH keyfile" (with a different name of course like
sourceforge-Shell-openssh.ppk), then points the privateKey field to the NEW
keyfile, and supplies the <passphrase> for that new keyfile, it works
flawlessly. It's all a question of format of the putty keyfile. This may be
documented somewhere, but like a lot of the maven documentation, it's probably
in the one place that caveman programmers would never look. Like near the SOAP
calls. :)
My NEW settings.xml has this server def:
<server>
<id>site-id</id>
<username>myusername</username>
<privateKey>c:/putty/sourceforge-Shell-openssh.ppk</privateKey>
<passphrase>keyfilepassphrase</passphrase>
<directoryPermissions>775</directoryPermissions>
<filePermissions>664</filePermissions>
</server>
I only use that privateKey for doing maven deployments. The other key (in the
putty format) is the one I load into Pageant to allow me to ssh to remote hosts
without unencrypted authentication across the wire.
I don't really know if anyone has discovered these scenarios previously.
I'm not sure where to complain about the ide issue.
I don't know if it's the eclipse plugin overriding the username or if the maven
plugin is just ignoring the supplied username.
I'm just a caveman programmer.
Your modern ways are strange to me.
I don't know if the build is accomplished by little demons inside the box busy
turning the picture screen symbols into other symbols.
When I'm sitting at home and the noise box rings, I don't know if a little man
is trapped inside it talking to me.
I'm just a caveman programmer, but I do know that:
exporting a putty generated key into openssh format and using that in the
settings.xml <server>-><privateKey> will allow you to do scp deployments from
windows while simultaneously allowing the (completely separate) use of
putty/pageant, which my tiny caveman brain could never seem to do before.
In the distant past, when we had to kill a mammoth single-handedly with a sharp
stick and a jawbone for the right to install and administer a linux box, I was
forced to use ftp to do deployments from windows.
Now, I have an amazing discover. It's not quite as good as fire, but it IS
better than burnt meat. This "exported keys" make me a happy caveman
programmer.
Disclaimer: I'm just a caveman programmer. Your modern ways are a mystery to
me. So if I just did something wrong, tell me so that I might not look so much
like my cousin Ugh, who could never seem to get that "walking upright" thing to
work for HIM....
--
Never wear anything that panics the cat. -- P. J. O'Rourke
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
