[
https://issues.apache.org/jira/browse/WAGON-446?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16606985#comment-16606985
]
Per Landberg commented on WAGON-446:
------------------------------------
I've now tested maven-ssh-external and it seems to work correctly with the same
use-case as above as long as ssh is working from the command line.
Looking at the source, ScpExternalWagon always seems to call
ScpHelper.getPrivateKey() so if the id_rsa file is found, the private key will
be added to the command line using the -i option but ssh seems to detect and
use the ssh-agent if it's available.
Based on how it seems to work, what do you think about changing
ScpHelper.getPrivateKey() to detect if a ssh-agent
is available and just skip the call to ScpHelper.findPrivateKey()? For
wagon-ssh this will prevent the default key to be used and behave like when
using an empty wagon.privateKeyDirectory. For wagon-ssh-external, the key will
not be added to the command line but ssh will find the correct key itself as it
normally would. This change would fix this issue and hopefully not affect any
other use-cases.
Note that I have no idea how this change would affect other external ssh
programs like putty.
> SSH agent authentication is no longer working in wagon-ssh 2.10
> ---------------------------------------------------------------
>
> Key: WAGON-446
> URL: https://issues.apache.org/jira/browse/WAGON-446
> Project: Maven Wagon
> Issue Type: Bug
> Components: wagon-ssh
> Affects Versions: 2.10
> Reporter: Per Landberg
> Assignee: Dan Tran
> Priority: Major
> Fix For: waiting-for-feedback
>
> Attachments: wagon-446.patch
>
>
> After upgrading to wagon-2.10, SSH Agent authentication doesn't seems to
> work anymore. I got the following error when trying to publish a site, using
> maven-site-plugin 3.4:
> Using private key: <PATH TO id_rsa>
> : Error uploading site: Cannot connect. Reason: Auth fail -> [Help 1]
> I have no server for this site defined in my settings.xml
> After some investigation, I suspect that the cause is WAGON-413 since the
> logic in AbstractJschWagon was changed to not use the agent if
> ScpHelper.getPrivateKey() returns a File.
> Unfortunate, ScpHelper.getPrivateKey() seems to have a fallback behavior that
> always returns the id_rsa key (if one exists) even when no matching server
> element exists in settings.xml and the effect is that the agent is never
> consulted.
> The authentication will then fail since no server element provides a key
> password.
> My current workaround is to set the wagon.privateKeyDirectory System Property
> to an empty directory. This will prevent the ScpHelper.getPrivateKey()
> fallback to kick in.
> Has anybody else got SSH agent working in combination with existing id_rsa
> files?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
