ant-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Elmsly <mike.elm...@ihug.co.nz>
Subject RE: SSH Tunnel
Date Tue, 13 Jul 2004 09:47:59 GMT
Hi Rob, All,
	heres my situation as an example

I have

[Reporting HOST]----[FW]----[BASTION HOST]----[FW]----[WEBSERVER]

I can ssh to the bastion host from my reporting host but not directly to
the webserver.  What I wanted to do was retreive log files, without
storing them temporarily on the bastion host which involved some messy
workarounds to first retrieve the files and then clean up afterwards. 
Hence the tunnel...Heres a sample from my demo build file....


<taskdef name="sshtunnel" classname="org.mike.Ant.SSHTunnel"
classpath="/home/elmslym/anttunnel.jar"/>

<!-- tunnel_retrieve - If bastion_host property is defined then first
bring files down from
		remote host by tunneling through bastion host -->
	<target name="tunnel_retrieve" if="env.bastion_host" >
		<sshtunnel host="${env.bastion_host}"
		  username="${user.name}"
		  keyfile="${user.home}/.ssh/id_dsa"
		  knownhosts="${user.home}/.ssh/known_hosts"
		  passphrase="youre kidding me"
		  lport="2222"
		  rport="22"
		  rhost="${env.remote_host}">
			<scp
				file="${user.name}@localhost:${env.remote_dir}/${env.remote_file_pattern}"
				todir="${env.local_dir}"
				keyfile="${user.home}/.ssh/id_dsa"
				knownhosts="${user.home}/.ssh/known_hosts"
				trust="yes"
				passphrase=""
				compressionlevel="9"
				port="2222"/>
		</sshtunnel>
	</target>

so I use the ssh tunnel task to setup an ssh tunnel on port 2222 going
through my bastion_host to the remote host on port 22.

Inside my sshtunnel task I nest an scp task to connect to the remote
host through the tunnel and bring the files back.  However I could just
as easily nest a deploy task to a remote tomcat server etc.

Cheers,
Mike


On Tue, 2004-07-13 at 04:06, Anderson, Rob (Global Trade) wrote:
> Mike, Can you provide some examples of how you use this task and some sample build.xml
snipets. That would help to clarify the functionality you have described.
> 
> Thanks,
> 
> -Rob A


Mime
View raw message