maven-scm-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Brown <>
Subject RE: How to set up SCM/CVS/Maven integration with public key authentication (need help!)?
Date Mon, 15 Jun 2009 18:16:41 GMT
For anyone who runs into this problem in the future:

After downloading the scm plugin source, I discovered that the plugin is using an empty string
for the passphrase when authenticating with a public key.

To tell the scm/CVS plugin the correct passphrase to use, you need to set a System property
for the key "", i.e.

    mvn scm:status<my passphrase>

A little disappointing that the system properties the CVS/SCM plugin uses aren't mentioned
in the documentation for the plugin.


-----Original Message-----
From: Matt Brown [] 
Sent: Friday, June 12, 2009 12:14 PM
Subject: How to set up SCM/CVS/Maven integration with public key authentication (need help!)?

I have a <scm> section in a POM that looks something like this:

I typically use publickey auth to authentication against this cvs server, although it should
accept my password as well.

When I attempt to run 'mvn scm:update', 'mvn release:prepare', or any Maven goal that involves
connecting to this scm, I get the following failure:

[INFO] Executing: cmd.exe /X /C "cvs -z3 -f -q update -d"
[INFO] Working directory: C:\Documents and Settings\matt.brown\workspace\projectname
org.netbeans.lib.cvsclient.connection.AuthenticationException: Cannot authenticate. Reason:
Publickey authentication failed.
        at org.apache.maven.scm.provider.cvslib.cvsjava.util.CvsConnection.connect(
        at org.apache.maven.scm.provider.cvslib.cvsjava.util.CvsConnection.processCommand(
        at org.apache.maven.scm.provider.cvslib.cvsjava.command.update.CvsJavaUpdateCommand.executeCvsCommand(
        at org.apache.maven.scm.provider.cvslib.command.update.AbstractCvsUpdateCommand.executeUpdateCommand(
        at org.apache.maven.scm.command.update.AbstractUpdateCommand.executeCommand(
        at org.apache.maven.scm.command.AbstractCommand.execute(
        at org.apache.maven.scm.provider.cvslib.AbstractCvsScmProvider.executeCommand(
        at org.apache.maven.scm.provider.cvslib.AbstractCvsScmProvider.update(
        at org.apache.maven.scm.provider.AbstractScmProvider.update(
        at org.apache.maven.scm.provider.AbstractScmProvider.update(
        at org.apache.maven.scm.manager.AbstractScmManager.update(
        at org.apache.maven.scm.plugin.UpdateMojo.execute(
(lots more of the stacktrace....)

And further down in the stacktrace:

Caused by: Decrypted PEM has wrong padding, did you specify the correct
        at ch.ethz.ssh2.crypto.PEMDecoder.removePadding(
        at ch.ethz.ssh2.crypto.PEMDecoder.decryptPEM(
        at ch.ethz.ssh2.crypto.PEMDecoder.decode(

Followed by:

[ERROR] Provider message:
[ERROR] The cvs command failed.
[ERROR] Command output:

I'm running this on a Windows machine, with no cvs executable on the PATH. I do have my public
key available under $HOME/.ssh, but it doesn't seem as if cvs/maven/scm is loading it here
- as I'm not asked for the keyphrase for it.

So, I have a few questions:

1. How do I properly tell maven when using scm where my public key resides? Do I need to do
it explicitly?
2. From the stacktrace, does it look as if this is even the correct error - or is something
else going on? I can see traffic exchanged between my machine and the CVS host when I run
this command if I use wireshark, so I know some sort of communication is going on.

View raw message