ant-ivy-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geoff Clitheroe <g.clithe...@gmail.com>
Subject Re: Suggestions for publishing to Ivy repo from Hudson using ssh
Date Wed, 16 Jun 2010 22:28:14 GMT
Hi Rich,

Have you considered ssh key authentication?  Either with an unencrypted
private key (not so secure) or with an ssh-agent holding the unencrypted key
(more secure but the agent has to be restarted on server boot)?

Cheers,
Geoff


On Thu, Jun 17, 2010 at 7:06 AM, Steele, Richard <rich@steelezone.net>wrote:

> I'm trying to figure out the best way to handle publishing artifacts to our
> Ivy repository using ssh.  We can't prompt the user for the username and
> password since the publication is usually done by Hudson.  We can't embed
> the username or password as a job configuration property because we can't
> have those in cleartext; similarly, we can't use a standard user with a
> well-known password in cleartext because of security concerns.
>
> I'm leaning towards using a keystore, but we'd need to use one without a
> password for the same reasons above (can't prompt, don't want to embed),
> but
> a keystore without a password makes the security group twitchy.
>
> I'm looking for any ideas or suggestions that might help; practical
> experience with real examples would be best, but I'll consider anything.
>
> Thanks,
> Rich
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message