Uploaded image for project: 'Maven Wagon'
  1. Maven Wagon
  2. WAGON-467

wagon-ssh: options to configure hostKeyChecking and PreferredAuthentications

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.10
    • Fix Version/s: 2.12
    • Component/s: wagon-ssh
    • Labels:
      None
    • Environment:
      Maven 3.3
      Jenkins

      Description

      Hi,
      I'm looking a way to deploy the maven site using scp protocol.
      I found some issues:

      • when I create a Jenkins node the maven process stucks during site:deploy goal because it prompts to me if I want add the destination host key to know_hosts file.
      • also with correct credential in settings.xml it prompts to me for Kerberos username [$USER] and password.

      After a lot of google search the SSH options command to setup should be:

      • StrictHostKeyChecking [ask, no, yes]
      • PreferredAuthentications a mix of [gssapi-with-mic, publickey, password, keyboard-interactive]

      Configure those option into them into .ssh/config file it's hard to manage in many in case of many machine

      Actually there is not way to change those settings in the wagon instance
      For StrictHostKeyChecking could be used the settings.xml

      <servers>
      	<server>
      		<id>docserver</id>
      		<username>xxx</username>
      		<password>password</password>
      		<configuration>
      			<knownHostsProvider>
      				<hostKeyChecking>no</hostKeyChecking>
      			</knownHostsProvider>
      		</configuration>
      	</server>
      </servers>
      

      but it fails because KnownHostsProvider it's an interface and if I specify the implementation of knownHostsProvider

      <knownHostsProvider implementation="org.apache.maven.wagon.providers.ssh.knownhost.FileKnownHostsProvider">
      

      fails because ClassNotFound on IOUtil in super constructor method.

      Instead for PreferredAuthentications it's an plain string into the code so no way to change it.

        Issue Links

          Activity

          Hide
          githubbot ASF GitHub Bot added a comment -

          GitHub user nfalco79 opened a pull request:

          https://github.com/apache/maven-wagon/pull/29

          WAGON-467 Allow customisation of some SSH options

          This commit add StrictHostKeyChecking and PreferredAuthentications custom fields that together allow you to perform, the command scp enough to remove any user interaction (username, password and add host key to know_hosts file).

          You can merge this pull request into a Git repository by running:

          $ git pull https://github.com/nfalco79/maven-wagon feature/WAGON-467

          Alternatively you can review and apply these changes as the patch at:

          https://github.com/apache/maven-wagon/pull/29.patch

          To close this pull request, make a commit to your master/trunk branch
          with (at least) the following in the commit message:

          This closes #29


          commit b5f312c5dca59b745662fd81a9e24401d1322ebc
          Author: Nikolas Falco <nikolas.falco@finantix.com>
          Date: 2016-11-23T19:24:41Z

          WAGON-467 Allow customisation of some SSH options

          This commit add StrictHostKeyChecking and PreferredAuthentications custom fields that together allow you to perform, the command scp enough to remove any user interaction (username, password and add host key to know_hosts file).


          Show
          githubbot ASF GitHub Bot added a comment - GitHub user nfalco79 opened a pull request: https://github.com/apache/maven-wagon/pull/29 WAGON-467 Allow customisation of some SSH options This commit add StrictHostKeyChecking and PreferredAuthentications custom fields that together allow you to perform, the command scp enough to remove any user interaction (username, password and add host key to know_hosts file). You can merge this pull request into a Git repository by running: $ git pull https://github.com/nfalco79/maven-wagon feature/ WAGON-467 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/maven-wagon/pull/29.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #29 commit b5f312c5dca59b745662fd81a9e24401d1322ebc Author: Nikolas Falco <nikolas.falco@finantix.com> Date: 2016-11-23T19:24:41Z WAGON-467 Allow customisation of some SSH options This commit add StrictHostKeyChecking and PreferredAuthentications custom fields that together allow you to perform, the command scp enough to remove any user interaction (username, password and add host key to know_hosts file).
          Hide
          dantran Dan Tran added a comment -

          Hi Nikolas, with your patch, are you able to customize wagon ssh using maven's settings.xml?

          Show
          dantran Dan Tran added a comment - Hi Nikolas, with your patch, are you able to customize wagon ssh using maven's settings.xml?
          Hide
          nfalco79 Nikolas Falco added a comment - - edited

          Yes. Follow an example of my settings.xml that upload the maven site of our multi module project

            <servers>
              <server>
                <id>docserver</id>
                <username>user</username>
                <password>password</password>
                <configuration>
                  <strictHostKeyChecking>no</strictHostKeyChecking>
                  <preferredAuthentications>publickey,password</preferredAuthentications>
                  <interactive>false</interactive>
                </configuration>
              </server>
            </servers>
          

          The interactive element is not needed, anyway I set it to false (default is true).
          With above settings it doesn't prompt in case of new host keys to add and for kerberos username and password.
          Correct values for preferredAuthentications I've got here

          Show
          nfalco79 Nikolas Falco added a comment - - edited Yes. Follow an example of my settings.xml that upload the maven site of our multi module project <servers> <server> <id> docserver </id> <username> user </username> <password> password </password> <configuration> <strictHostKeyChecking> no </strictHostKeyChecking> <preferredAuthentications> publickey,password </preferredAuthentications> <interactive> false </interactive> </configuration> </server> </servers> The interactive element is not needed, anyway I set it to false (default is true). With above settings it doesn't prompt in case of new host keys to add and for kerberos username and password. Correct values for preferredAuthentications I've got here
          Show
          dantran Dan Tran added a comment - commit at https://git1-us-west.apache.org/repos/asf?p=maven-wagon.git;a=commit;h=ffa7fc88
          Hide
          hudson Hudson added a comment -

          SUCCESS: Integrated in Jenkins build maven-wagon #1316 (See https://builds.apache.org/job/maven-wagon/1316/)
          WAGON-467 Allow customisation of some SSH options (dan.tran: rev ffa7fc8830e916e9d3d91a222b641cd5363ffafe)

          • (edit) wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java
          Show
          hudson Hudson added a comment - SUCCESS: Integrated in Jenkins build maven-wagon #1316 (See https://builds.apache.org/job/maven-wagon/1316/ ) WAGON-467 Allow customisation of some SSH options (dan.tran: rev ffa7fc8830e916e9d3d91a222b641cd5363ffafe) (edit) wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user dantran commented on the issue:

          https://github.com/apache/maven-wagon/pull/29

          @nfalco79, since i used the patch method and push this change. Git cant close this PR. Please close it yourself

          Show
          githubbot ASF GitHub Bot added a comment - Github user dantran commented on the issue: https://github.com/apache/maven-wagon/pull/29 @nfalco79, since i used the patch method and push this change. Git cant close this PR. Please close it yourself
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user nfalco79 commented on the issue:

          https://github.com/apache/maven-wagon/pull/29

          closed by this ffa7fc8830e916e9d3d91a222b641cd5363ffafe

          Show
          githubbot ASF GitHub Bot added a comment - Github user nfalco79 commented on the issue: https://github.com/apache/maven-wagon/pull/29 closed by this ffa7fc8830e916e9d3d91a222b641cd5363ffafe
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user nfalco79 closed the pull request at:

          https://github.com/apache/maven-wagon/pull/29

          Show
          githubbot ASF GitHub Bot added a comment - Github user nfalco79 closed the pull request at: https://github.com/apache/maven-wagon/pull/29
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user dantran commented on the issue:

          https://github.com/apache/maven-wagon/pull/29

          @nfalco79 it is a long waited fix. Thank you and thank you

          Show
          githubbot ASF GitHub Bot added a comment - Github user dantran commented on the issue: https://github.com/apache/maven-wagon/pull/29 @nfalco79 it is a long waited fix. Thank you and thank you
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user dantran commented on the issue:

          https://github.com/apache/maven-wagon/pull/29

          @nfalco79 could you give https://github.com/mojohaus/wagon-maven-plugin/tree/master/src/it/ssh-it a try? update the pom to use your env. I am not able to get mine working. It always prompts me for host key confirmation

          Show
          githubbot ASF GitHub Bot added a comment - Github user dantran commented on the issue: https://github.com/apache/maven-wagon/pull/29 @nfalco79 could you give https://github.com/mojohaus/wagon-maven-plugin/tree/master/src/it/ssh-it a try? update the pom to use your env. I am not able to get mine working. It always prompts me for host key confirmation
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user dantran commented on the issue:

          https://github.com/apache/maven-wagon/pull/29

          confirm it works with maven-site-plugin but not with wagon-maven-plugin

          Show
          githubbot ASF GitHub Bot added a comment - Github user dantran commented on the issue: https://github.com/apache/maven-wagon/pull/29 confirm it works with maven-site-plugin but not with wagon-maven-plugin
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user nfalco79 commented on the issue:

          https://github.com/apache/maven-wagon/pull/29

          Follow my settings.xml

              <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
              	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              	xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
                                            https://maven.apache.org/xsd/settings-1.0.0.xsd">
              	<servers>
              		<server>
              			<id>raspberry</id>
              			<username>pi</username>
              			<password>password</password>
              			<configuration>
              				<strictHostKeyChecking>no</strictHostKeyChecking>
              				<preferredAuthentications>publickey,password</preferredAuthentications>
              				<interactive>false</interactive>
              			</configuration>
              		</server>
              	</servers>
              </settings>
              

          I had play with the repository you post.
          The reason because your wagon-mave-plugin does not works is because when you instantiate the wagon instance you do not consider the configuration element as the site-plugin does in AbstractDeployMojo#configureWagon by the XmlPlexusConfiguration

          Show
          githubbot ASF GitHub Bot added a comment - Github user nfalco79 commented on the issue: https://github.com/apache/maven-wagon/pull/29 Follow my settings.xml <settings xmlns= "http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd"> <servers> <server> <id> raspberry </id> <username> pi </username> <password> password </password> <configuration> <strictHostKeyChecking> no </strictHostKeyChecking> <preferredAuthentications> publickey,password </preferredAuthentications> <interactive> false </interactive> </configuration> </server> </servers> </settings> I had play with the repository you post. The reason because your wagon-mave-plugin does not works is because when you instantiate the wagon instance you do not consider the configuration element as the site-plugin does in AbstractDeployMojo#configureWagon by the XmlPlexusConfiguration
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user nfalco79 commented on the issue:

          https://github.com/apache/maven-wagon/pull/29

          Debugging a log the issue seems to be which implementation of WagonManger plexus inject. If I run with maven 3.3.9 it injects a [DefaultWagonManager](http://grepcode.com/file/repo1.maven.org/maven2/org.apache.maven/maven-compat/3.3.3/org/apache/maven/repository/legacy/DefaultWagonManager.java#DefaultWagonManager.getWagon%28org.apache.maven.wagon.repository.Repository%29) where the getWagon is deprecated and lacks of configureWagon call that do the trick above. If I run it with maven 2.2.1 it has a working implementation of [DefaultWagonManager](http://grepcode.com/file/repo1.maven.org/maven2/org.apache.maven/maven-artifact-manager/2.2.1/org/apache/maven/artifact/manager/DefaultWagonManager.java#DefaultWagonManager.getWagon%28org.apache.maven.wagon.repository.Repository%29) but mvn command breaks with the following message:
          ```
          [INFO] Unable to initialise extensions
          Component descriptor role: 'com.jcraft.jsch.UIKeyboardInteractive', implementation: 'org.apache.maven.wagon.providers.ssh.jsch.interactive.PrompterUIKeyboardInteractive', role hint: 'default' has a hint, but there are other implementations that don't
          ```
          This explains the reason of extra work in the maven-site-plugin around configureWagon method to distinguish of maven 2/3

          I hope these information will help you to make a workaround for your wagon-maven-plugin

          Show
          githubbot ASF GitHub Bot added a comment - Github user nfalco79 commented on the issue: https://github.com/apache/maven-wagon/pull/29 Debugging a log the issue seems to be which implementation of WagonManger plexus inject. If I run with maven 3.3.9 it injects a [DefaultWagonManager] ( http://grepcode.com/file/repo1.maven.org/maven2/org.apache.maven/maven-compat/3.3.3/org/apache/maven/repository/legacy/DefaultWagonManager.java#DefaultWagonManager.getWagon%28org.apache.maven.wagon.repository.Repository%29 ) where the getWagon is deprecated and lacks of configureWagon call that do the trick above. If I run it with maven 2.2.1 it has a working implementation of [DefaultWagonManager] ( http://grepcode.com/file/repo1.maven.org/maven2/org.apache.maven/maven-artifact-manager/2.2.1/org/apache/maven/artifact/manager/DefaultWagonManager.java#DefaultWagonManager.getWagon%28org.apache.maven.wagon.repository.Repository%29 ) but mvn command breaks with the following message: ``` [INFO] Unable to initialise extensions Component descriptor role: 'com.jcraft.jsch.UIKeyboardInteractive', implementation: 'org.apache.maven.wagon.providers.ssh.jsch.interactive.PrompterUIKeyboardInteractive', role hint: 'default' has a hint, but there are other implementations that don't ``` This explains the reason of extra work in the maven-site-plugin around configureWagon method to distinguish of maven 2/3 I hope these information will help you to make a workaround for your wagon-maven-plugin
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user dantran commented on the issue:

          https://github.com/apache/maven-wagon/pull/29

          your patch fixes the site plugin ssh issue. I will need to implement similar wagon handling developed at maven-site-plugin https://github.com/mojohaus/wagon-maven-plugin/issues/6

          thanks for trouble shooting this

          Show
          githubbot ASF GitHub Bot added a comment - Github user dantran commented on the issue: https://github.com/apache/maven-wagon/pull/29 your patch fixes the site plugin ssh issue. I will need to implement similar wagon handling developed at maven-site-plugin https://github.com/mojohaus/wagon-maven-plugin/issues/6 thanks for trouble shooting this

            People

            • Assignee:
              dantran Dan Tran
              Reporter:
              nfalco79 Nikolas Falco
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development