You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Rafal Figas (JIRA)" <ji...@codehaus.org> on 2011/04/11 10:52:22 UTC
[jira] Created: (MSITE-580) Site cannot be deployed when part of
release plugin, scp method used and server uses ECDSA
Site cannot be deployed when part of release plugin, scp method used and server uses ECDSA
------------------------------------------------------------------------------------------
Key: MSITE-580
URL: http://jira.codehaus.org/browse/MSITE-580
Project: Maven 2.x and 3.x Site Plugin
Issue Type: Bug
Components: site:deploy
Affects Versions: 2.2
Environment: Gentoo Linux, Maven 2.2.1
Reporter: Rafal Figas
When running mvn release:perform release plugin runs site-deploy. Configuration of distribution of site uses SCP protocol. So, when it comes to deploy a site SSH connection is being made. However "The authenticity of host [target_host] can't be established". What was strange I had no problems in calling "ssh target_host". There was no problem with establishing authenticity of host, neither with logging in using key. Due to this:
http://jira.codehaus.org/browse/MRELEASE-424
it was also impossible to answer the question about adding this key to ~/.ssh/known_hosts, so whole build just hang.
What I noticed my known_hosts file contained something like:
target_host ecdsa-sha2-nistp256 AAAAE2V[...]
When I've replaced this entry with:
target_host,10.0.0.2 ssh-rsa AAAAB3N[...]
everything started working. Does that mean Release plugin (or Wagon, or JSCh?) cannot use ECDSA?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (MSITE-580) Site cannot be deployed when part of
release plugin, scp method used and server uses ECDSA
Posted by "Rafal Figas (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MSITE-580?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=263147#action_263147 ]
Rafal Figas commented on MSITE-580:
-----------------------------------
The basic problem is that if using SCP protocol (what I assume causes usage of JSCh) the entry in known_hosts file seems to be not found if it is entry on ECDSA algorithm. Entry looks like this:
target_host ecdsa-sha2-nistp256 AAAAE2V[...]
If I run mvn site-deploy I will be asked if I want to add this target host to known_hosts. I shouldn't be, as this host is already in my known_hosts (as ECDSA entry). If I answer "yes" it causes deletion of previous entry (which worked fine with command line ssh client). New entry is created, and it is created for RSA and looks like this:
target_host,10.0.0.2 ssh-rsa AAAAB3N[...]
So, running mvn site-deploy seems to corrupt my original ssh setting, however finally site gets successfully deployed.
The real problem starts, when you have ECDSA entry in known hosts, and mvn release:perform runs. This goal invokes site-deploy, however in non-interactive mode due to:
http://jira.codehaus.org/browse/MRELEASE-424
This causes I cannot answer "yes" on question about adding host into known_hosts and whole release process hangs at this point.
Workaround is to manually put RSA entry in known hosts and then it works. However if you don't know this you get confused, because entry for this host IS in your known_hosts, but site-deploy behaves as it IS NOT. Besides you just cannot use ECDSA, because every time you run site-deply your entry will get deleted in favor of RSA.
As far as I know in lates version of OpenSSH the ECDSA becomes default, so this issue causes that
known_hosts entries will get changed from ECDSA to RSA due to site-plugin behaviour and ECDSA entries will get deleted.
Frankly speaking I don't know if this is a question of release plugin, site plugin or wagon or maybe jsch. I dont't have enough knowledge on internals. Server settings are specified.
If I can provide you any additional information I will be happy to help.
> Site cannot be deployed when part of release plugin, scp method used and server uses ECDSA
> ------------------------------------------------------------------------------------------
>
> Key: MSITE-580
> URL: http://jira.codehaus.org/browse/MSITE-580
> Project: Maven 2.x and 3.x Site Plugin
> Issue Type: Bug
> Components: site:deploy
> Affects Versions: 2.2
> Environment: Gentoo Linux, Maven 2.2.1
> Reporter: Rafal Figas
>
> When running mvn release:perform release plugin runs site-deploy. Configuration of distribution of site uses SCP protocol. So, when it comes to deploy a site SSH connection is being made. However "The authenticity of host [target_host] can't be established". What was strange I had no problems in calling "ssh target_host". There was no problem with establishing authenticity of host, neither with logging in using key. Due to this:
> http://jira.codehaus.org/browse/MRELEASE-424
> it was also impossible to answer the question about adding this key to ~/.ssh/known_hosts, so whole build just hang.
> What I noticed my known_hosts file contained something like:
> target_host ecdsa-sha2-nistp256 AAAAE2V[...]
> When I've replaced this entry with:
> target_host,10.0.0.2 ssh-rsa AAAAB3N[...]
> everything started working. Does that mean Release plugin (or Wagon, or JSCh?) cannot use ECDSA?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (MSITE-580) Site cannot be deployed when part of
release plugin, scp method used and server uses ECDSA
Posted by "Lukas Theussl (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MSITE-580?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=263145#action_263145 ]
Lukas Theussl commented on MSITE-580:
-------------------------------------
Is this a question about the release plugin or the site plugin? Can you run just site-deploy? Did you specify the server settings in your settings?
> Site cannot be deployed when part of release plugin, scp method used and server uses ECDSA
> ------------------------------------------------------------------------------------------
>
> Key: MSITE-580
> URL: http://jira.codehaus.org/browse/MSITE-580
> Project: Maven 2.x and 3.x Site Plugin
> Issue Type: Bug
> Components: site:deploy
> Affects Versions: 2.2
> Environment: Gentoo Linux, Maven 2.2.1
> Reporter: Rafal Figas
>
> When running mvn release:perform release plugin runs site-deploy. Configuration of distribution of site uses SCP protocol. So, when it comes to deploy a site SSH connection is being made. However "The authenticity of host [target_host] can't be established". What was strange I had no problems in calling "ssh target_host". There was no problem with establishing authenticity of host, neither with logging in using key. Due to this:
> http://jira.codehaus.org/browse/MRELEASE-424
> it was also impossible to answer the question about adding this key to ~/.ssh/known_hosts, so whole build just hang.
> What I noticed my known_hosts file contained something like:
> target_host ecdsa-sha2-nistp256 AAAAE2V[...]
> When I've replaced this entry with:
> target_host,10.0.0.2 ssh-rsa AAAAB3N[...]
> everything started working. Does that mean Release plugin (or Wagon, or JSCh?) cannot use ECDSA?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (MSITE-580) Site cannot be deployed when part of
release plugin, scp method used and server uses ECDSA
Posted by "Rafal Figas (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MSITE-580?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=263148#action_263148 ]
Rafal Figas commented on MSITE-580:
-----------------------------------
Oh, and one more thing. Using SCPEXE protocol also solves problem without corrupting known_hosts file. I assume this is because instead of JSCh client my command client is used. And as it is relatively new client it can handle ECDSA entries.
> Site cannot be deployed when part of release plugin, scp method used and server uses ECDSA
> ------------------------------------------------------------------------------------------
>
> Key: MSITE-580
> URL: http://jira.codehaus.org/browse/MSITE-580
> Project: Maven 2.x and 3.x Site Plugin
> Issue Type: Bug
> Components: site:deploy
> Affects Versions: 2.2
> Environment: Gentoo Linux, Maven 2.2.1
> Reporter: Rafal Figas
>
> When running mvn release:perform release plugin runs site-deploy. Configuration of distribution of site uses SCP protocol. So, when it comes to deploy a site SSH connection is being made. However "The authenticity of host [target_host] can't be established". What was strange I had no problems in calling "ssh target_host". There was no problem with establishing authenticity of host, neither with logging in using key. Due to this:
> http://jira.codehaus.org/browse/MRELEASE-424
> it was also impossible to answer the question about adding this key to ~/.ssh/known_hosts, so whole build just hang.
> What I noticed my known_hosts file contained something like:
> target_host ecdsa-sha2-nistp256 AAAAE2V[...]
> When I've replaced this entry with:
> target_host,10.0.0.2 ssh-rsa AAAAB3N[...]
> everything started working. Does that mean Release plugin (or Wagon, or JSCh?) cannot use ECDSA?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Moved: (WAGON-324) Site cannot be deployed when part of
release plugin, scp method used and server uses ECDSA
Posted by "Lukas Theussl (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/WAGON-324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Lukas Theussl moved MSITE-580 to WAGON-324:
-------------------------------------------
Component/s: (was: site:deploy)
wagon-ssh
Affects Version/s: (was: 2.2)
Key: WAGON-324 (was: MSITE-580)
Project: Maven Wagon (was: Maven 2.x and 3.x Site Plugin)
> Site cannot be deployed when part of release plugin, scp method used and server uses ECDSA
> ------------------------------------------------------------------------------------------
>
> Key: WAGON-324
> URL: http://jira.codehaus.org/browse/WAGON-324
> Project: Maven Wagon
> Issue Type: Bug
> Components: wagon-ssh
> Environment: Gentoo Linux, Maven 2.2.1
> Reporter: Rafal Figas
>
> When running mvn release:perform release plugin runs site-deploy. Configuration of distribution of site uses SCP protocol. So, when it comes to deploy a site SSH connection is being made. However "The authenticity of host [target_host] can't be established". What was strange I had no problems in calling "ssh target_host". There was no problem with establishing authenticity of host, neither with logging in using key. Due to this:
> http://jira.codehaus.org/browse/MRELEASE-424
> it was also impossible to answer the question about adding this key to ~/.ssh/known_hosts, so whole build just hang.
> What I noticed my known_hosts file contained something like:
> target_host ecdsa-sha2-nistp256 AAAAE2V[...]
> When I've replaced this entry with:
> target_host,10.0.0.2 ssh-rsa AAAAB3N[...]
> everything started working. Does that mean Release plugin (or Wagon, or JSCh?) cannot use ECDSA?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] (WAGON-324) Site cannot be deployed when part of release
plugin, scp method used and server uses ECDSA
Posted by "Rafal Figas (JIRA)" <ji...@codehaus.org>.
[ https://jira.codehaus.org/browse/WAGON-324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=317499#comment-317499 ]
Rafal Figas commented on WAGON-324:
-----------------------------------
Just in case, to add RSA entry into known_hosts use:
ssh-keyscan -t rsa hostname >> known_hosts
> Site cannot be deployed when part of release plugin, scp method used and server uses ECDSA
> ------------------------------------------------------------------------------------------
>
> Key: WAGON-324
> URL: https://jira.codehaus.org/browse/WAGON-324
> Project: Maven Wagon
> Issue Type: Bug
> Components: wagon-ssh
> Environment: Gentoo Linux, Maven 2.2.1
> Reporter: Rafal Figas
>
> When running mvn release:perform release plugin runs site-deploy. Configuration of distribution of site uses SCP protocol. So, when it comes to deploy a site SSH connection is being made. However "The authenticity of host [target_host] can't be established". What was strange I had no problems in calling "ssh target_host". There was no problem with establishing authenticity of host, neither with logging in using key. Due to this:
> http://jira.codehaus.org/browse/MRELEASE-424
> it was also impossible to answer the question about adding this key to ~/.ssh/known_hosts, so whole build just hang.
> What I noticed my known_hosts file contained something like:
> target_host ecdsa-sha2-nistp256 AAAAE2V[...]
> When I've replaced this entry with:
> target_host,10.0.0.2 ssh-rsa AAAAB3N[...]
> everything started working. Does that mean Release plugin (or Wagon, or JSCh?) cannot use ECDSA?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (WAGON-324) Site cannot be deployed when part of
release plugin, scp method used and server uses ECDSA
Posted by "Lukas Theussl (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/WAGON-324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=263152#action_263152 ]
Lukas Theussl commented on WAGON-324:
-------------------------------------
Moving to wagon for review.
> Site cannot be deployed when part of release plugin, scp method used and server uses ECDSA
> ------------------------------------------------------------------------------------------
>
> Key: WAGON-324
> URL: http://jira.codehaus.org/browse/WAGON-324
> Project: Maven Wagon
> Issue Type: Bug
> Components: wagon-ssh
> Environment: Gentoo Linux, Maven 2.2.1
> Reporter: Rafal Figas
>
> When running mvn release:perform release plugin runs site-deploy. Configuration of distribution of site uses SCP protocol. So, when it comes to deploy a site SSH connection is being made. However "The authenticity of host [target_host] can't be established". What was strange I had no problems in calling "ssh target_host". There was no problem with establishing authenticity of host, neither with logging in using key. Due to this:
> http://jira.codehaus.org/browse/MRELEASE-424
> it was also impossible to answer the question about adding this key to ~/.ssh/known_hosts, so whole build just hang.
> What I noticed my known_hosts file contained something like:
> target_host ecdsa-sha2-nistp256 AAAAE2V[...]
> When I've replaced this entry with:
> target_host,10.0.0.2 ssh-rsa AAAAB3N[...]
> everything started working. Does that mean Release plugin (or Wagon, or JSCh?) cannot use ECDSA?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira