当前位置: 文江博客话题详情

Maven Wagon 插件可以使用 scp 私钥吗?

发布于 2024-08-30 15:43:30 字数 75 浏览 5 评论 0原文

Maven Wagon 插件可以配置为使用 ssh/scp 私钥吗?我尝试过的所有操作仍然让 maven 在进行 scp 时询问我密码。

原文

Can Maven Wagon plugin be configured to use a private key for ssh/scp? Everything I've tried still leaves maven to ask me for a password when it gets to the point of scp-ing.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

蓝眼泪 2024-09-06 15:43:30

您应该能够在设置中的 server 元素中指定私钥的路径.xml:

用于下载和的存储库
部署由以下定义
存储库
distributionManagement 元素
POM。然而,某些设置
例如用户名和密码应该
不与一起分发
pom.xml。此类信息
应该存在于构建服务器上
设置.xml。

<设置 xmlns="http://maven.apache.org/SETTINGS/1.0.0"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
                      http://maven.apache.org/xsd/settings-1.0.0.xsd">
  ...
  <服务器>
    <服务器>
      server001
      <用户名>my_login
      <密码>我的密码
      ${user.home}/.ssh/id_dsa
      <密码>some_passphrase
      <文件权限>664
      <目录权限>775
      <配置>
    
  
  ...
  • id:这是该设备的 ID
    服务器(不是登录用户的服务器)
    与 的 id 元素匹配
    Maven 尝试的存储库/镜像
    连接到。
  • 用户名密码:这些元素成对出现,表示登录名和密码
    需要对此进行身份验证
    服务器。
  • 私钥
    passphrase:与前两个元素一样,这对指定一个路径
    到私钥(默认为
    ${user.home}/.ssh/id_dsa)
    密码(如果需要)。这
    密码短语和密码元素可以
    将来会被外部化,但是对于
    现在必须将它们设置为纯文本
    settings.xml 文件。
  • filePermissionsdirectoryPermissions:当存储库文件或目录被访问时
    在部署时创建,这些是
    使用权限。法律价值
    每个都是一个三位数
    对应*nix文件
    权限,即。 664 或 775。

注意:如果您使用私钥
登录服务器,确保您
省略 元素。
否则,该键将被忽略。

密码加密

新功能 - 服务器密码和
已添加密码加密
到 2.1.x 和 3.0 中继。查看详情
此页面上。

请特别注意“注意”:如果您使用私钥登录服务器,请确保省略 元素。否则,该键将被忽略。因此最终配置将接近:

<settings>
  ...
  <servers>
    <server>
      <id>ssh-repository</id>
      <username>your username in the remote system</username>
      <privateKey>/path/to/your/private/key</privateKey>
      <passphrase>sUp3rStr0ngP4s5wOrD</passphrase><!-- if required --> 
      <configuration>
        ...
      </configuration>
    </server>
  </servers>
  ...
</settings>

You should be able to specify the path to the private key in the server element in your settings.xml:

The repositories for download and
deployment are defined by the
repositories and
distributionManagement elements of
the POM. However, certain settings
such as username and password should
not be distributed along with the
pom.xml. This type of information
should exist on the build server in
the settings.xml.

<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
                      http://maven.apache.org/xsd/settings-1.0.0.xsd">
  ...
  <servers>
    <server>
      <id>server001</id>
      <username>my_login</username>
      <password>my_password</password>
      <privateKey>${user.home}/.ssh/id_dsa</privateKey>
      <passphrase>some_passphrase</passphrase>
      <filePermissions>664</filePermissions>
      <directoryPermissions>775</directoryPermissions>
      <configuration></configuration>
    </server>
  </servers>
  ...
</settings>
  • id: This is the ID of the
    server (not of the user to login as)
    that matches the id element of the
    repository/mirror that Maven tries to
    connect to.
  • username, password: These elements appear as a pair denoting the login and password
    required to authenticate to this
    server.
  • privateKey,
    passphrase: Like the previous two elements, this pair specifies a path
    to a private key (default is
    ${user.home}/.ssh/id_dsa) and a
    passphrase, if required. The
    passphrase and password elements may
    be externalized in the future, but for
    now they must be set plain-text in the
    settings.xml file.
  • filePermissions, directoryPermissions: When a repository file or directory is
    created on deployment, these are the
    permissions to use. The legal values
    of each is a three digit number
    corresponding to *nix file
    permissions, ie. 664, or 775.

Note: If you use a private key to
login to the server, make sure you
omit the <password> element.
Otherwise, the key will be ignored.

Password Encryption

A new feature - server password and
passphrase encryption has been added
to 2.1.x and 3.0 trunks. See details
on this page.

Pay a special attention to the "note": If you use a private key to login to the server, make sure you omit the <password> element. Otherwise, the key will be ignored. So the final configuration will be close to:

<settings>
  ...
  <servers>
    <server>
      <id>ssh-repository</id>
      <username>your username in the remote system</username>
      <privateKey>/path/to/your/private/key</privateKey>
      <passphrase>sUp3rStr0ngP4s5wOrD</passphrase><!-- if required --> 
      <configuration>
        ...
      </configuration>
    </server>
  </servers>
  ...
</settings>
回复 原文
千と千尋 2024-09-06 15:43:30

我知道这是一个旧线程,但看起来 Wagon 插件正在读取 settings.xml (例如用户名)但没有使用所有设置。我无法让它在 scp 期间停止询问 Kerberos 用户名/密码。 (看起来 2016 年末插件可能发生了一些变化,影响了这一点。)
只是添加这个答案以防它对其他人有帮助。

对我来说,解决方案更简单:完全跳过使用“settings.xml”
并简单地为协议指定“scpexe”而不是“scp”(例如在 pom.xml 的 distributionManagement 部分下)。然后,这将使用您计算机的默认 SSH 配置(~/.ssh 下的 UNIX 设置)。

<plugin>
  <groupId>org.codehaus.mojo</groupId>
  <artifactId>wagon-maven-plugin</artifactId>
  <version>1.0</version>
  <executions>
    <execution>
      <id>upload-to-server</id>
      <phase>deploy</phase>
      <goals><goal>upload-single</goal></goals>
      <configuration>
        <fromFile>file-to-upload</fromfile>
        <url>scpexe://username@serverName/dirname-to-copy-to
        <toFile>file-to-upload</toFile>
      </configuration>
    </execution>
  </executions>
</plugin>

I know this is an old thread, but it looks like the Wagon plugin is reading settings.xml (e.g. username) but not using all of the settings. I could not get it to stop asking for Kerberos username/password during scp. (Looks like there might have been changes to plugin late 2016 that affect this.)
Just adding this answer in case it helps someone else.

For me, the solution was even simpler: totally skip using 'settings.xml'
and simply specify 'scpexe' instead of 'scp' for protocol (like under distributionManagement section of pom.xml). This then uses your machine's default SSH configuration (unix settings under ~/.ssh).

<plugin>
  <groupId>org.codehaus.mojo</groupId>
  <artifactId>wagon-maven-plugin</artifactId>
  <version>1.0</version>
  <executions>
    <execution>
      <id>upload-to-server</id>
      <phase>deploy</phase>
      <goals><goal>upload-single</goal></goals>
      <configuration>
        <fromFile>file-to-upload</fromfile>
        <url>scpexe://username@serverName/dirname-to-copy-to
        <toFile>file-to-upload</toFile>
      </configuration>
    </execution>
  </executions>
</plugin>
回复 原文
落日海湾 2024-09-06 15:43:30

我今天想结合 maven-site-plugin (3.9.1) 做同样的事情,并且也遇到了一些障碍(特别是 wagon-ssh插件坚持要求我提供 Kerberos 用户名和密码)。
最终对 wagon-ssh-3.4.3 有用的东西:

<!-- add scp support for mvn site:deploy -->
<dependency>
    <groupId>org.apache.maven.wagon</groupId>
    <artifactId>wagon-ssh</artifactId>
    <version>3.4.3</version>
</dependency>

settings.xml 中:

<server>
  <id>ssh-repository</id>
  <username>pridkdev</username>
  <privateKey>${user.home}/.ssh/pridkdev.ppk</privateKey>
  <filePermissions>664</filePermissions>
  <directoryPermissions>775</directoryPermissions>
  <configuration>
      <interactive>false</interactive>
      <strictHostKeyChecking>no</strictHostKeyChecking>
      <preferredAuthentications>publickey</preferredAuthentications>
  </configuration>
</server>

我想最重要的是 块,特别是 设置。

I wanted to do the exact same thing today in conjunction with the maven-site-plugin (3.9.1) and was also hitting some roadblocks (specifically, the wagon-ssh plugin insisted on asking me for my Kerberos username and password).
What finally worked for me with wagon-ssh-3.4.3:

<!-- add scp support for mvn site:deploy -->
<dependency>
    <groupId>org.apache.maven.wagon</groupId>
    <artifactId>wagon-ssh</artifactId>
    <version>3.4.3</version>
</dependency>

and in settings.xml:

<server>
  <id>ssh-repository</id>
  <username>pridkdev</username>
  <privateKey>${user.home}/.ssh/pridkdev.ppk</privateKey>
  <filePermissions>664</filePermissions>
  <directoryPermissions>775</directoryPermissions>
  <configuration>
      <interactive>false</interactive>
      <strictHostKeyChecking>no</strictHostKeyChecking>
      <preferredAuthentications>publickey</preferredAuthentications>
  </configuration>
</server>

I guess what was crucial is the <configuration> block and there especially the <preferredAuthentications> setting.

回复 原文
~没有更多了~

关于作者

半仙

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

初遇

文章 0 评论 0

听闻余生

文章 0 评论 0

Z_dy

文章 0 评论 0

左岸枫

文章 0 评论 0

1848719402

文章 0 评论 0

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文