search

trajano / wagon-git

Git wagon provider
Eclipse Public License 1.0
8 stars 10 forks source link

Support ssh-agent #6

Closed puce77 closed 9 years ago

puce77 commented 9 years ago

It seems ssh-agent is not supported.

Please add support for ssh-agent so you don't have to store the passphrase in the settings.xml file.

trajano commented 9 years ago

See https://gist.github.com/quidryan/5449155 for hints

trajano commented 9 years ago

Seems like it is not yet resolved in Eclipse https://bugs.eclipse.org/bugs/show_bug.cgi?id=179924

trajano commented 9 years ago

I have deployed 2.0.4-SNAPSHOT @ https://oss.sonatype.org/content/repositories/snapshots/net/trajano/wagon/wagon-git/2.0.4-SNAPSHOT/ with this feature, pls confirm it works for you so I can create a proper release.

puce77 commented 9 years ago

In a KDE Konsole, if I run:

ssh -T git@github.com

the first time, KDE will ask me about the passphrase. Afterwards everything the command runs without asking for a passphrase anymore.

Calling 

mvn site-deploy

however (using your wagon-git v2.0.4-SNAPSHOT) causes some issues.

If the settings.xml looks like this:

        <server>
            <id>ssh</id>
        </server>

Then I'm getting the following error:

Error uploading site: ssh://git@github.com/myProject: reject HostKey: github.com -> [Help 1]

If the settings.xml looks like this:

        <server>
            <id>ssh</id>
            <username>git</username>
        </server>

Then I'm getting the following error:

Execution default-deploy of goal org.apache.maven.plugins:maven-site-plugin:3.4:deploy failed: ssh://git@github.com:22: org.eclipse.jgit.transport.CredentialItem$YesNoType:The authenticity of host 'github.com' can't be established.

But as I said ssh -T git@github.com runs fine.

Do I have to use some other configuration?

trajano commented 9 years ago

Is github allowed in your known hosts for your agent.

On Mon, Jun 15, 2015 at 2:38 PM, Florian Brunner notifications@github.com wrote:

In a KDE Konsole, if I run:

ssh -T git@github.com

the first time, KDE will ask me about the passphrase. Afterwards everything the command runs without asking for a passphrase anymore. Calling 

mvn site-deploy

however (using your wagon-git v2.0.4-SNAPSHOT) causes some issues. If the settings.xml looks like this:

ssh

Then I'm getting the following error:

Error uploading site: ssh://git@github.com/myProject: reject HostKey: github.com -> [Help 1] If the settings.xml looks like this:

ssh git

Then I'm getting the following error: Execution default-deploy of goal org.apache.maven.plugins:maven-site-plugin:3.4:deploy failed: ssh://git@github.com:22: org.eclipse.jgit.transport.CredentialItem$YesNoType:The authenticity of host 'github.com' can't be established. But as I said ssh -T git@github.com runs fine.

Do I have to use some other configuration?

Reply to this email directly or view it on GitHub: https://github.com/trajano/wagon-git/issues/6#issuecomment-112166072

puce77 commented 9 years ago

I think so. github.com appears in .ssh/known_hosts (Kubuntu)

And the following commands work without issues:

ssh -T git@github.com

and

git push git@github.com:someRepo

Is there anything other I should set? Maybe something Maven specific?

trajano commented 9 years ago

Maybe it is using a different agent protocol than the one I used.

On Tue, Jun 16, 2015 at 3:19 PM, Florian Brunner notifications@github.com wrote:

I think so. github.com appears in .ssh/known_hosts (Kubuntu) And the following commands work without issues: '''' ssh -T git@github.com '''' and '''' git push git@github.com:someRepo ''''

Is there anything other I should set? Maybe something Maven specific?

Reply to this email directly or view it on GitHub: https://github.com/trajano/wagon-git/issues/6#issuecomment-112534179

puce77 commented 9 years ago

What configuration did you use in the settings.xml file?

trajano commented 9 years ago

I just copied the code I don't have a test for agent usage. If it does not work then I can just leave it off and wait for someone to contribute a patch.

On Tue, Jun 16, 2015 at 3:24 PM, Florian Brunner notifications@github.com wrote:

What configuration did you use in the settings.xml file?

Reply to this email directly or view it on GitHub: https://github.com/trajano/wagon-git/issues/6#issuecomment-112536229

puce77 commented 9 years ago

Hmm, the thing is, I think it's really bad to have the passphrase stored in a file. I think it's even worse than storing passwords in a file. I tried to use username/ password instead, but the wagon wants the passphrase:

failed: ssh://git@github.com:22: org.eclipse.jgit.transport.CredentialItem$StringType:Passphrase for /home/puce/.ssh/id_rsa -> [Help 1]

That is with version 2.0.3

As far as I can see, the README says this should work: https://github.com/trajano/wagon-git

But then I had a look at the source code, and it seems ssh:// is always used: https://github.com/trajano/wagon-git/blob/master/src/main/java/net/trajano/wagon/git/GitHubPagesWagon.java

trajano commented 9 years ago

GitHub does not support user ID and password for their ssh connections from what I know. 

They need you to upload a private key.

On Tue, Jun 16, 2015 at 4:30 PM, Florian Brunner notifications@github.com wrote:

Hmm, the thing is, I think it's really bad to have the passphrase stored in a file. I think it's even worse than storing passwords in a file. I tried to use username/ password instead, but the wagon wants the passphrase:

failed: ssh://git@github.com:22: org.eclipse.jgit.transport.CredentialItem$StringType:Passphrase for /home/puce/.ssh/id_rsa -> [Help 1]

That is with version 2.0.3 As far as I can see, the README says this should work: https://github.com/trajano/wagon-git

But then I had a look at the source code, and it seems ssh:// is always used: https://github.com/trajano/wagon-git/blob/master/src/main/java/net/trajano/wagon/git/GitHubPagesWagon.java

Reply to this email directly or view it on GitHub: https://github.com/trajano/wagon-git/issues/6#issuecomment-112559560

puce77 commented 9 years ago

They do support https URLs which work with username/password: https://help.github.com/articles/which-remote-url-should-i-use/

Check the clone URL, there you can switch from ssh to https.

Also it would be great to override this on the command line, e.g. -Dusername=x -Dpassword=y

Depending on the aggregated information gathered from the settings.xml and the command line you could decide if the ssh URL should be used (e.g. username = git or no username) or the https URL should be used (e.g. username != git and password both set)

And maybe consider using privateKey/ passphrase for ssh instead of username/password: https://maven.apache.org/settings.html#Servers

trajano commented 9 years ago

The wagon git does not support the HTTPS approach.

On Tue, Jun 16, 2015 at 5:41 PM, Florian Brunner notifications@github.com wrote:

They do support https URLs which work with username/password: https://help.github.com/articles/which-remote-url-should-i-use/ Check the clone URL, there you can switch from ssh to https. Also it would be great to override this on the command line, e.g. -Dusername=x -Dpassword=y Depending on the aggregated information gathered from the settings.xml and the command line you could decide if the ssh URL should be used (e.g. username = git or no username) or the https URL should be used (e.g. username != git and password both set)

And maybe consider using privateKey/ passphrase for ssh instead of username/password: https://maven.apache.org/settings.html#Servers

Reply to this email directly or view it on GitHub: https://github.com/trajano/wagon-git/issues/6#issuecomment-112577001