SSHSESSION Task

From 753a6c60f47f3ac4f270005b65e9d6481de8eb68 Mon Sep 17 00:00:00 2001 From: Ashlee Young Date: Fri, 23 Oct 2015 10:00:02 -0700 Subject: Adding maven and ant source trees Change-Id: I0a39b9add833a31b9c3f98d193983ae2f3a5a445 Signed-off-by: Ashlee Young --- .../apache-ant-1.9.6/manual/Tasks/sshsession.html | 288 +++++++++++++++++++++ 1 file changed, 288 insertions(+) create mode 100644 framework/src/ant/apache-ant-1.9.6/manual/Tasks/sshsession.html (limited to 'framework/src/ant/apache-ant-1.9.6/manual/Tasks/sshsession.html') diff --git a/framework/src/ant/apache-ant-1.9.6/manual/Tasks/sshsession.html b/framework/src/ant/apache-ant-1.9.6/manual/Tasks/sshsession.html new file mode 100644 index 00000000..e9696d1f --- /dev/null +++ b/framework/src/ant/apache-ant-1.9.6/manual/Tasks/sshsession.html @@ -0,0 +1,288 @@ + + + + + + +SSHSESSION Task + + + + +

SSHSESSION

Description

+ +

since Apache Ant 1.8.0

+ +

A Task which establishes an SSH connection with a remote machine +running SSH daemon, optionally establishes any number of local or +remote tunnels over that connection, then executes any nested tasks +before taking down the connection. +

+ +

Note: This task depends on external libraries not included +in the Ant +distribution. See Library +Dependencies for more information. This task has been tested with +jsch-0.1.33 and above and won't work with versions of jsch earlier +than 0.1.28.

+ +

Parameters

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Attribute	Description	Required
host	The hostname or IP address of the remote host to which you wish to connect.	Yes
username	The username on the remote host to which you are connecting.	Yes
port	The port to connect to on the remote host.	No, defaults to 22.
localtunnels	A comma-delimited list of + colon-delimited `lport:rhost:rport` triplets defining + local port forwarding. If + nested localtunnel elements are also + provided, both sets of tunnels will be established.	No
remotetunnels	A comma-delimited list of + colon-delimited `rport:lhost:lport` triplets defining + remote port forwarding. If + nested remotetunnel elements are + also provided, both sets of tunnels will be established.	No
trust	This trusts all unknown hosts if set to yes/true. + Note If you set this to false (the default), the + host you connect to must be listed in your knownhosts file, this + also implies that the file exists.	No, defaults to No.
knownhosts	This sets the known hosts file to use to validate + the identity of the remote host. This must be a SSH2 format file. + SSH1 format is not supported.	No, defaults to + ${user.home}/.ssh/known_hosts.
failonerror	Whether to halt the build if the command does not complete successfully. +	No; defaults to true.
password	The password.	Not if you are using key based + authentication or the password has been given in the file or + todir attribute.
keyfile	Location of the file holding the private key.	Yes, if you are using key based + authentication.
passphrase	Passphrase for your private key.	No, defaults to an empty string.
timeout	Give up if the connection cannot be established + within the specified time (given in milliseconds). Defaults to 0 + which means "wait forever".	No

+ +

Parameters specified as nested elements

+ +

localtunnel

Optionally, any number of localtunnel elements can be used to +define local port forwarding over the SSH connection. If the +localtunnels parameter was also specified, both sets of tunnels will +be established.

+ + + + + + + + + + + + + + + + + + + + + + +

Attribute	Description	Required
lport	The number of the local port to be forwarded.	Yes
rhost	The hostname or IP address of the remote host to + which the local port should be forwarded.	Yes
rport	The number of the port on the remote host to + which the local port should be forwarded.	Yes

+ +

remotetunnel

Optionally, any number of remotetunnel elements can be used to +define remote port forwarding over the SSH connection. If the +remotetunnels parameter was also specified, both sets of tunnels will +be established.

+ + + + + + + + + + + + + + + + + + + + + + +

Attribute	Description	Required
rport	The number of the remote port to be forwarded.	Yes
lhost	The hostname or IP address of the local host to + which the remote port should be forwarded.	Yes
lport	The number of the port on the local host to which + the remote port should be forwarded.	Yes

+ +

sequential

The sequential element is a required parameter. It is a container +for nested Tasks which are to be executed once the SSH connection is +established and all local and/or remote tunnels established.

+ +

Examples

Connect to a remote machine using password authentication, +forward the local cvs port to the remote host, and execute a cvs +command locally, which can use the tunnel.

+  <sshsession host="somehost"
+    username="dude"
+    password="yo"
+    localtunnels="2401:localhost:2401"
+  >
+    <sequential>
+      <cvs  command="update ${cvs.parms} ${module}"
+        cvsRoot="${cvs.root}"
+        dest="${local.root}"
+        failonerror="true"
+      />
+    </sequential>
+  </sshsession>
+

+ +

Do the same thing using nested localtunnel element.

+  <sshsession host="somehost"
+    username="dude"
+    password="yo"
+  >
+    <localtunnel lport="2401" rhost="localhost" rport="2401"/>
+    <sequential>
+      <cvs  command="update ${cvs.parms} ${module}"
+        cvsRoot="${cvs.root}"
+        dest="${local.root}"
+        failonerror="true"
+    />
+    </sequential>
+  </sshsession>
+

+ +

Connect to a remote machine using key authentication, forward +port 1080 to port 80 of an intranet server which is not directly +accessible, then run a get task using that tunnel.

+  <sshsession host="somehost"
+  username="dude"
+  keyfile="${user.home}/.ssh/id_dsa"
+  passphrase="yo its a secret"/>
+    <LocalTunnel lport="1080" rhost="intranet.mycomp.com" rport="80"/>
+    <sequential>
+      <get src="http://localhost:1080/somefile" dest="temp/somefile"/>
+    </sequential>
+  </sshsession>
+

+ + +

Security Note: Hard coding passwords or +passphrases and/or usernames in sshsession task can be a serious +security hole. Consider using variable substitution and include the +password on the command line. For example:
+

+  <sshsession host="somehost"
+  username="${username}"
+  password="${password}"
+  localtunnels="2401:localhost:2401">
+    <sequential>
+      <sometask/>
+    </sequential>
+  </sshsession>
+

+ +Invoking ant with the following command line: +

+    ant -Dusername=me -Dpassword=mypassword target1 target2
+

+ +Is slightly better, but the username/password is exposed to all users +on an Unix system (via the ps command). The best approach is to use +the +<input> task and/or retrieve the password from a (secured) +.properties file. +

+ + -- cgit 1.2.3-korg