ant-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Anderson, Rob (Global Trade)" <Rob.Ander...@nike.com>
Subject RE: SSH Tunnel
Date Tue, 13 Jul 2004 16:58:42 GMT
This could possibly work. You would probably want to forward local port 2401 to remote port
2401 and define CVSROOT as :pserver:username@localhost:/path/to/cvsroot. You would connect
and tunnel to the same remote host, since the encryption ends at the host you are connecting
to, unless you use something like <sshexec> or <scp> nested in the <sshtunnel>
task. In the example below, Mike is connecting to the bastion host and tunneling to the webserver.
Since Mike is using <scp> nested in the <sshtunnel> task the data is encrypted
the whole way. Nice.

-Rob A

> -----Original Message-----
> From: Jan.Materne@rzf.fin-nrw.de [mailto:Jan.Materne@rzf.fin-nrw.de]
> Sent: Tuesday, July 13, 2004 3:07 AM
> To: user@ant.apache.org
> Subject: AW: SSH Tunnel
> 
> 
> Seems to be interesting ...
> 
> <sshtunnel>
>     <cvs/>
> </sshtunnel>
> 
> should be also available ...
> 
> 
> Jan
> 
> 
> > -----Urspr√ľngliche Nachricht-----
> > Von: Michael Elmsly [mailto:mike.elmsly@ihug.co.nz]
> > Gesendet am: Dienstag, 13. Juli 2004 11:48
> > An: Ant Users List
> > Betreff: RE: SSH Tunnel
> > 
> > Hi Rob, All,
> > 	heres my situation as an example
> > 
> > I have
> > 
> > [Reporting HOST]----[FW]----[BASTION HOST]----[FW]----[WEBSERVER]
> > 
> > I can ssh to the bastion host from my reporting host but not 
> > directly to
> > the webserver.  What I wanted to do was retreive log files, without
> > storing them temporarily on the bastion host which involved 
> some messy
> > workarounds to first retrieve the files and then clean up 
> afterwards. 
> > Hence the tunnel...Heres a sample from my demo build file....
> > 
> > 
> > <taskdef name="sshtunnel" classname="org.mike.Ant.SSHTunnel"
> > classpath="/home/elmslym/anttunnel.jar"/>
> > 
> > <!-- tunnel_retrieve - If bastion_host property is defined 
> then first
> > bring files down from
> > 		remote host by tunneling through bastion host -->
> > 	<target name="tunnel_retrieve" if="env.bastion_host" >
> > 		<sshtunnel host="${env.bastion_host}"
> > 		  username="${user.name}"
> > 		  keyfile="${user.home}/.ssh/id_dsa"
> > 		  knownhosts="${user.home}/.ssh/known_hosts"
> > 		  passphrase="youre kidding me"
> > 		  lport="2222"
> > 		  rport="22"
> > 		  rhost="${env.remote_host}">
> > 			<scp
> > 				
> > file="${user.name}@localhost:${env.remote_dir}/${env.remote_fi
> > le_pattern}"
> > 				todir="${env.local_dir}"
> > 				keyfile="${user.home}/.ssh/id_dsa"
> > 				
> > knownhosts="${user.home}/.ssh/known_hosts"
> > 				trust="yes"
> > 				passphrase=""
> > 				compressionlevel="9"
> > 				port="2222"/>
> > 		</sshtunnel>
> > 	</target>
> > 
> > so I use the ssh tunnel task to setup an ssh tunnel on port 
> 2222 going
> > through my bastion_host to the remote host on port 22.
> > 
> > Inside my sshtunnel task I nest an scp task to connect to the remote
> > host through the tunnel and bring the files back.  However I 
> > could just
> > as easily nest a deploy task to a remote tomcat server etc.
> > 
> > Cheers,
> > Mike
> > 
> > 
> > On Tue, 2004-07-13 at 04:06, Anderson, Rob (Global Trade) wrote:
> > > Mike, Can you provide some examples of how you use this 
> > task and some sample build.xml snipets. That would help to 
> > clarify the functionality you have described.
> > > 
> > > Thanks,
> > > 
> > > -Rob A
> > 
> > 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@ant.apache.org
For additional commands, e-mail: user-help@ant.apache.org


Mime
View raw message