Java Mailing List Archive

http://www.ant-tasks.com/

Home » Ant Users List »

Re: Tomcat Client Deployer

Antoine Levy-Lambert

2010-03-07

Replies: Find Java Web Hosting

Author LoginPost Reply
Kaushal Shriyan wrote:
>
> Hi again,
>
> I have couple of questions:
>
> <target name="stop-tomcat">
> <!-- Executes remote command via ssh -->
> <sshexec host="host0072.example.com" username="kaushal"
> password="xxxxxx" trust="true"
>       command="sudo /etc/init.d/tomcat0 start" />
> </target>
>
> the password field is exposed here. is there a way to secure it. ?
>  
You can create yourself a ssh public/private key pair.
Assuming you are using a PC and have installed cygwin on the PC, and
also the openssh of cygwin, you can do this :

ssh-keygen -t rsa

for automated work it is easier to create a private key without
passphrase. You may also want not to do that for security reasons, it is
up to you. As soon as you do fully automated work, passwords have to be
either not requested by the system or hard-coded somewhere.

Then copy the public key id_rsa.pub as authorized_keys in the .ssh
folder of the remote host. The authorized_keys file must be readable and
writable only for its owner, the .ssh directory must be rwx only for its
owner too, and the home directory must not be writable by group or other


someuser@(protected)
drwx------  2 someuser staff       512 Jun 12 2009 .
drwxr-xr-x 45 someuser staff      1536 Mar 7 18:24 ..
-rw-------  1 someuser staff      1662 May 27 2009 authorized_keys

afterwards you can use the sshexec task with the keyfile attribute
instead of the password attribute. keyfile is usually
${user.home}/.ssh/id_rsa (for a RSA key)

Then for sudo it is possible to configure "sudoers" to allow certain
commands without password entry. Our UNIX admin does that.

Regards,

Antoine
> Also when i run the command ant -lib lib/ stop-tomcat the string
> "command="sudo /etc/init.d/tomcat start"" asks for password
> again on the stdout. is there a way to handle this condition since i
> need to start tomcat server as tomcat user.
>
> Thanks and Regards,
>
> Kaushal
>  


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@(protected)
For additional commands, e-mail: user-help@(protected)

©2008 ant-tasks.com - Jax Systems, LLC, U.S.A.