[jira] [Commented] (WAGON-446) SSH agent authentication is no longer working in wagon-ssh 2.10

Fri, 31 Aug 2018 10:46:06 -0700 


    [ 
https://issues.apache.org/jira/browse/WAGON-446?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16599078#comment-16599078
 ] 

Michael Osipov commented on WAGON-446:
--------------------------------------

Just checked the source code, as far as I can see, the agent support is in and 
the only way to tell Wagon stop using the private key from {{user.home}} is to 
redirect it with {{wagon.privateKeyDirectory}} as you did.

Sadly, I see no non-intrusive way to solve this properly. Does SCP External 
work for you btw? How does it work for it anyway? Does it try the agent first 
and then the rest? Maybe we could mimic this behavior with JSch? WDYT?

To solve this properly, we'd need to fully redesign the {{settings.xml}} 
structure.

> SSH agent authentication is no longer working in wagon-ssh 2.10
> ---------------------------------------------------------------
>
>                 Key: WAGON-446
>                 URL: https://issues.apache.org/jira/browse/WAGON-446
>             Project: Maven Wagon
>          Issue Type: Bug
>          Components: wagon-ssh
>    Affects Versions: 2.10
>            Reporter: Per Landberg
>            Assignee: Dan Tran
>            Priority: Major
>             Fix For: waiting-for-feedback
>
>         Attachments: wagon-446.patch
>
>
> After upgrading to wagon-2.10,  SSH Agent authentication doesn't seems to 
> work anymore. I got the following error when trying to publish a site, using 
> maven-site-plugin 3.4:
> Using private key: <PATH TO id_rsa>
> : Error uploading site: Cannot connect. Reason: Auth fail -> [Help 1]
> I have no server for this site defined in my settings.xml
> After some investigation, I suspect that the cause is WAGON-413 since the  
> logic in AbstractJschWagon was changed to not use the agent if 
> ScpHelper.getPrivateKey() returns a File. 
> Unfortunate, ScpHelper.getPrivateKey() seems to have a fallback behavior that 
> always returns the id_rsa key (if one exists) even when no matching server 
> element exists in settings.xml and the effect is that the agent is never 
> consulted. 
> The authentication will then fail since no server element provides a key 
> password.
> My current workaround is to set the wagon.privateKeyDirectory System Property 
> to an empty directory. This will prevent the ScpHelper.getPrivateKey() 
> fallback to kick in.
> Has anybody else got SSH agent working in combination with existing id_rsa 
> files?



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to