Yes: see above about the security group getting twitchy using unsigned keys, but I think we might actually be able to get a waiver in this case.
I've never used an ssh-agent, though I see putty has pageant; is pageant compatible with jsch underlying the ssh resolver provided in Ivy? What about in a non-Windows (Linux/Unix) environment. Thanks, Rich On Wed, Jun 16, 2010 at 6:28 PM, Geoff Clitheroe <g.clithe...@gmail.com>wrote: > Hi Rich, > > Have you considered ssh key authentication? Either with an unencrypted > private key (not so secure) or with an ssh-agent holding the unencrypted > key > (more secure but the agent has to be restarted on server boot)? > > Cheers, > Geoff > > > On Thu, Jun 17, 2010 at 7:06 AM, Steele, Richard <r...@steelezone.net > >wrote: > > > I'm trying to figure out the best way to handle publishing artifacts to > our > > Ivy repository using ssh. We can't prompt the user for the username and > > password since the publication is usually done by Hudson. We can't embed > > the username or password as a job configuration property because we can't > > have those in cleartext; similarly, we can't use a standard user with a > > well-known password in cleartext because of security concerns. > > > > I'm leaning towards using a keystore, but we'd need to use one without a > > password for the same reasons above (can't prompt, don't want to embed), > > but > > a keystore without a password makes the security group twitchy. > > > > I'm looking for any ideas or suggestions that might help; practical > > experience with real examples would be best, but I'll consider anything. > > > > Thanks, > > Rich > > >
