2

I am deploying to our cluster using Maven 3. Having set a private-key in my settings.xml as well as the repository in the pom.xml. At the moment is everything working except that I am getting asked for the password if I call mvn clean deploy. If I use <password>pw</password> instead of <privateKey>path</privateKey> it is working but of course this is not what I want to use.

settings.xml

<server>
    <id>company_cluster</id>
    <username>user</username>
    <privateKey>/home/user/.ssh/user</privateKey>
</server>

pom.xml

<build>
    <!-- ... -->
    <extensions>
        <!-- Enabling the use of SSH -->
        <extension>
            <groupId>org.apache.maven.wagon</groupId>
            <artifactId>wagon-ssh</artifactId>
            <version>2.4</version>
        </extension>
    </extensions>

</build>

<distributionManagement>
    <repository>
        <id>company_cluster</id>
        <url>scp://client.hadoop.company.at/home/user/deploy/</url>
    </repository>
</distributionManagement>

I have generated a ssh key on my local machine and then used

ssh-copy-id user@client.hadoop.company.at

to add it to the authorized keys.

Stefan Falk
  • 23,898
  • 50
  • 191
  • 378
  • there will be some (verbose) log from that, which should tell you why it didn't use your key. Or on server. – Jakuje Apr 09 '16 at 12:56
  • @Jakuje Should I see something if I run it with the `-X` switch? This output is kind of huge and I don't know what I'd look for. – Stefan Falk Apr 09 '16 at 13:09
  • This should work. Does the path `/home/user/.ssh/user` really point to the private key file (sounds like it should be `id_rsa`)? Do you use a passphrase? Related http://stackoverflow.com/q/2733447/1743880 – Tunaki Apr 09 '16 at 13:45
  • @Tunaki I think `id_rsa` is just the name of the file if no other name has been specified. I tried is with `ssh-keygen` and got a `id_rsa` file, tried it but failed as well :/ – Stefan Falk Apr 09 '16 at 13:54
  • Btw: I can login using `ssh` on the server without any troubles so the problem cannot be on the server side. – Stefan Falk Apr 09 '16 at 13:55
  • @displayname I don't understand. Could you post what is under `/home/user/.ssh` (just the filenames)? – Tunaki Apr 09 '16 at 13:56
  • Also take care about the permissions: http://stackoverflow.com/q/27538847/1743880 – Tunaki Apr 09 '16 at 13:57

2 Answers2

1

It is an old question, but I spend enough time on very similar issue to consider it worth it to post the answer. You cannot give both username and privateKey in the server node in the settings.xml file. So in the settings.xml file it should be as follows:

  <server>
    <id>company_cluster</id>
    <privateKey>/home/user/.ssh/user</privateKey>
  </server>
Marian
  • 2,571
  • 2
  • 9
  • 8
1
mvn -U clean install -D skipTests

led to the error message:

Could not transfer artifact ... from/to ...-repository (scp://.../repo/releases/): Cannot connect. Reason: invalid privatekey: [...-> [Help 1]

I found this link https://help.mulesoft.com/s/article/Issue-with-key-based-authentication-while-connecting-to-SFTP-server

And checked my newly generated key to be like:

-----BEGIN OPENSSH PRIVATE KEY-----
...

while on my old (working) environment it was:

head -2 id_rsa
-----BEGIN RSA PRIVATE KEY-----
...

So the hint from the link above was to use:

ssh-keygen -t rsa -b 4096 -m PEM

which would mean to create a new key - i had already deployed the key with ssh-copy-id to quite a few servers already ...

At Openssh Private Key to RSA Private Key if found the procedure for the key conversion.

ssh-keygen -p -N "" -m pem -f  id_rsa

changing the format to RSA

head -1 id_rsa
-----BEGIN RSA PRIVATE KEY-----

and leading to the mvn error message to disappear.

Wolfgang Fahl
  • 15,016
  • 11
  • 93
  • 186