[jira] [Commented] (WAGON-446) SSH agent authentication is no longer working in wagon-ssh 2.10

Fri, 07 Sep 2018 11:42:23 -0700 


    [ 
https://issues.apache.org/jira/browse/WAGON-446?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16607500#comment-16607500
 ] 

Michael Osipov commented on WAGON-446:
--------------------------------------

First of all, thanks for testing. I have a few ideas we could try out. 

bq. ... what do you think about changing ScpHelper.getPrivateKey() to detect if 
a ssh-agent
is available and just skip the call to ScpHelper.findPrivateKey()?

I don't want to do that because the method name says {{getPrivateKey()}} and 
not {{doAgentFiddling()}}.
Can you provide a {{ssh -vv}} log with and without agent running? I'd like to 
see what {{ssh(1)}} really does. Maybe we could simply mimic this behavior, 
i.e., always try the agent first with JSch and if it fails go over to keys, 
etc. WDYT=

> SSH agent authentication is no longer working in wagon-ssh 2.10
> ---------------------------------------------------------------
>
>                 Key: WAGON-446
>                 URL: https://issues.apache.org/jira/browse/WAGON-446
>             Project: Maven Wagon
>          Issue Type: Bug
>          Components: wagon-ssh
>    Affects Versions: 2.10
>            Reporter: Per Landberg
>            Assignee: Dan Tran
>            Priority: Major
>             Fix For: waiting-for-feedback
>
>         Attachments: wagon-446.patch
>
>
> After upgrading to wagon-2.10,  SSH Agent authentication doesn't seems to 
> work anymore. I got the following error when trying to publish a site, using 
> maven-site-plugin 3.4:
> Using private key: <PATH TO id_rsa>
> : Error uploading site: Cannot connect. Reason: Auth fail -> [Help 1]
> I have no server for this site defined in my settings.xml
> After some investigation, I suspect that the cause is WAGON-413 since the  
> logic in AbstractJschWagon was changed to not use the agent if 
> ScpHelper.getPrivateKey() returns a File. 
> Unfortunate, ScpHelper.getPrivateKey() seems to have a fallback behavior that 
> always returns the id_rsa key (if one exists) even when no matching server 
> element exists in settings.xml and the effect is that the agent is never 
> consulted. 
> The authentication will then fail since no server element provides a key 
> password.
> My current workaround is to set the wagon.privateKeyDirectory System Property 
> to an empty directory. This will prevent the ScpHelper.getPrivateKey() 
> fallback to kick in.
> Has anybody else got SSH agent working in combination with existing id_rsa 
> files?



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to