Cari di Apache Ant 
     Apache Ant User Manual
Daftar Isi
(Sebelumnya) SshexecSubant (Berikutnya)
Apache Ant Tasks

Sshsession

SSHSESSION

Description

since Apache Ant 1.8.0

A Task which establishes an SSH connection with a remote machinerunning SSH daemon, optionally establishes any number of local orremote tunnels over that connection, then executes any nested tasksbefore taking down the connection.

Note: This task depends on external libraries not includedin the Antdistribution. See LibraryDependencies for more information. This task has been tested withjsch-0.1.33 and above and won't work with versions of jsch earlierthan 0.1.28.

See also the sshexecand scp tasks

Parameters

Attribute Description Required
host The hostname or IP address of the remote host to which you wish to connect. Yes
username The username on the remote host to which you are connecting. Yes
port The port to connect to on the remote host. No, defaults to 22.
localtunnels A comma-delimited list of colon-delimited lport:rhost:rport triplets defining local port forwarding.
If nested localtunnel elements are also provided, both sets of tunnels will be established.		 No
remotetunnels A comma-delimited list of colon-delimited rport:lhost:lport triplets defining remote port forwarding.
If nested remotetunnel elements are also provided, both sets of tunnels will be established.		 No
trust This trusts all unknown hosts if set to yes/true.
Note If you set this to false (the default), the host you connect to must be listed in your knownhosts file, this also implies that the file exists.		 No, defaults to No.
knownhosts This sets the known hosts file to use to validate the identity of the remote host.This must be a SSH2 format file. SSH1 format is not supported. No, defaults to ${user.home}/.ssh/known_hosts.
failonerror Whether to halt the build if the command does not complete successfully. No; defaults to true.
password The password. Not if you are using key based authentication or the password has been given in the file or todir attribute.
keyfile Location of the file holding the private key. Yes, if you are using key based authentication.
passphrase Passphrase for your private key. No, defaults to an empty string.
timeout Give up if the connection cannot be established within the specified time (given in milliseconds). Defaults to 0 which means "wait forever". No

Parameters specified as nested elements

localtunnel

Optionally, any number of localtunnel elements can be used todefine local port forwarding over the SSH connection. If thelocaltunnels parameter was also specified, both sets of tunnels willbe established.

Attribute Description Required
lport The number of the local port to be forwarded. Yes
rhost The hostname or IP address of the remote host to which the local port should be forwarded. Yes
rport The number of the port on the remote host to which the local port should be forwarded. Yes

remotetunnel

Optionally, any number of remotetunnel elements can be used todefine remote port forwarding over the SSH connection. If theremotetunnels parameter was also specified, both sets of tunnels willbe established.

Attribute Description Required
rport The number of the remote port to be forwarded. Yes
lhost The hostname or IP address of the local host to which the remote port should be forwarded. Yes
lport The number of the port on the local host to which the remote port should be forwarded. Yes

sequential

The sequential element is a required parameter. It is a containerfor nested Tasks which are to be executed once the SSH connection isestablished and all local and/or remote tunnels established.

Examples

Connect to a remote machine using password authentication,forward the local cvs port to the remote host, and execute a cvscommand locally, which can use the tunnel.

  <sshsession host="somehost" username="dude" password="yo" localtunnels="2401:localhost:2401"  > <sequential>  <cvs  command="update ${cvs.parms} ${module}" cvsRoot="${cvs.root}" dest="${local.root}" failonerror="true"  /> </sequential>  </sshsession>

Do the same thing using nested localtunnel element.

  <sshsession host="somehost" username="dude" password="yo"  > <localtunnel lport="2401" rhost="localhost" rport="2401"/> <sequential>  <cvs  command="update ${cvs.parms} ${module}" cvsRoot="${cvs.root}" dest="${local.root}" failonerror="true" /> </sequential>  </sshsession>

Connect to a remote machine using key authentication, forwardport 1080 to port 80 of an intranet server which is not directlyaccessible, then run a get task using that tunnel.

  <sshsession host="somehost"  username="dude"  keyfile="${user.home}/.ssh/id_dsa"  passphrase="yo its a secret"/> <LocalTunnel lport="1080" rhost="intranet.mycomp.com" rport="80"/> <sequential>  <get src="http://localhost:1080/somefile" dest="temp/somefile"/> </sequential>  </sshsession>

Security Note: Hard coding passwords orpassphrases and/or usernames in sshsession task can be a serioussecurity hole. Consider using variable substitution and include thepassword on the command line. For example:

  <sshsession host="somehost"  username="${username}"  password="${password}"  localtunnels="2401:localhost:2401"> <sequential>  <sometask/> </sequential>  </sshsession>
Invoking ant with the following command line:
 ant -Dusername=me -Dpassword=mypassword target1 target2
Is slightly better, but the username/password is exposed to all userson an Unix system (via the ps command). The best approach is to usethe<input> task and/or retrieve the password from a (secured).properties file.

(Sebelumnya) SshexecSubant (Berikutnya)