You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Michael Osipov (JIRA)" <ji...@apache.org> on 2018/11/14 22:24:00 UTC
[jira] [Commented] (WAGON-446) SSH agent authentication is no
longer working in wagon-ssh 2.10
[ https://issues.apache.org/jira/browse/WAGON-446?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16687227#comment-16687227 ]
Michael Osipov commented on WAGON-446:
--------------------------------------
I really would like to pick this up. I think we can apply the following reasoning:
* If {{ssh-external}} is used, provide creds (password or private key) if explicitly set in {{settings.xml}} otherwise {{ssh(1)}} will do its magic
* If {{ssh}} (JSch) is used, check if reads {{~/.ssh/id_*}} by default, if so, we can apply the same logic as for {{ssh}} if not, don't look for the private key by yourself, use {{settings.xml}} OR configure with {{OpenSSHConfig}}, i.e., behave as JSch woudl behave by default, no magic traversal suprises.
WDYT?
> SSH agent authentication is no longer working in wagon-ssh 2.10
> ---------------------------------------------------------------
>
> Key: WAGON-446
> URL: https://issues.apache.org/jira/browse/WAGON-446
> Project: Maven Wagon
> Issue Type: Bug
> Components: wagon-ssh
> Affects Versions: 2.10
> Reporter: Per Landberg
> Assignee: Dan Tran
> Priority: Major
> Fix For: waiting-for-feedback
>
> Attachments: wagon-446.patch
>
>
> After upgrading to wagon-2.10, SSH Agent authentication doesn't seems to work anymore. I got the following error when trying to publish a site, using maven-site-plugin 3.4:
> Using private key: <PATH TO id_rsa>
> : Error uploading site: Cannot connect. Reason: Auth fail -> [Help 1]
> I have no server for this site defined in my settings.xml
> After some investigation, I suspect that the cause is WAGON-413 since the logic in AbstractJschWagon was changed to not use the agent if ScpHelper.getPrivateKey() returns a File.
> Unfortunate, ScpHelper.getPrivateKey() seems to have a fallback behavior that always returns the id_rsa key (if one exists) even when no matching server element exists in settings.xml and the effect is that the agent is never consulted.
> The authentication will then fail since no server element provides a key password.
> My current workaround is to set the wagon.privateKeyDirectory System Property to an empty directory. This will prevent the ScpHelper.getPrivateKey() fallback to kick in.
> Has anybody else got SSH agent working in combination with existing id_rsa files?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)