ANT之SSH

ANT 中使用SSH：

依赖文件 jsch-0.1.29.jar文件。可以从下面的链接中获取，版本不对的下载源代码，然后使用对应的JDK进行编译，然后重新打JAR包。

测试文件如下：

<?xml version="1.0" encoding="GBK"?>

<project name="abs" basedir="." default="all">
  <target name="all">
    <sshexec host="ip" username="username" password="pwd" trust="true" command="ls"></sshexec>
  </target>
</project>

 

以下是官方介绍：

Description

since Ant 1.6

Runs a command on a remote machine running SSH daemon.

Note: This task depends on external libraries not included in the Ant distribution. See Library Dependencies for more information. This task has been tested with jsch-0.1.29 and above and won't work with versions of jsch earlier than 0.1.28.

See also the scp task

Parameters

Attribute	Description	Required
host	The hostname or IP address of the remote host to which you wish to connect.	Yes
username	The username on the remote host to which you are connecting.	Yes
command	The command to run on the remote host.	Either this or commandResource must be set
commandResource	The resource (file) that contains the commands to run on the remote host. Since Ant 1.7.1	Either this or command must be set
port	The port to connect to on the remote host.	No, defaults to 22.
trust	This trusts all unknown hosts if set to yes/true. Note If you set this to false (the default), the host you connect to must be listed in your knownhosts file, this also implies that the file exists.	No, defaults to No.
knownhosts	This sets the known hosts file to use to validate the identity of the remote host. This must be a SSH2 format file. SSH1 format is not supported.	No, defaults to ${user.home}/.ssh/known_hosts.
failonerror	Whether to halt the build if the command does not complete successfully.	No; defaults to true.
password	The password.	Not if you are using key based authentication or the password has been given in the file or todir attribute.
keyfile	Location of the file holding the private key.	Yes, if you are using key based authentication.
passphrase	Passphrase for your private key.	No, defaults to an empty string.
output	Name of a file to which to write the output.	No
append	Whether output file should be appended to or overwritten. Defaults to false, meaning overwrite any existing file.	No
outputproperty	The name of a property in which the output of the command should be stored. If you use the commandResource attribute, each command's output will be prefixed by the command itself.	No
timeout	Stop the command if it doesn't finish within the specified time (given in milliseconds unlike telnet, which expects a timeout in seconds ). Defaults to 0 which means "wait forever".	No
input	A file from which the executed command's standard input is taken. This attribute is mutually exclusive with the inputstring attribute. When executing more than one command via commandResource, input will be read for each command. since Ant 1.8.0	No
verbose	Determines whether sshexec outputs verbosely to the user. Similar output is generated as the ssh commandline tool wit the -v option. since Ant 1.8.0	No, defaults to false
inputstring	A string which serves as the input stream for the executed command. This attribute is mutually exclusive with the input attribute. When executing more than one command via commandResource, input will be read for each command. since Ant 1.8.0	No

Examples

Run a command on a remote machine using password authentication

  <sshexec host="somehost"

	username="dude"

	password="yo"

	command="touch somefile"/>

Run a command on a remote machine using key authentication

  <sshexec host="somehost"

	username="dude"

	keyfile="${user.home}/.ssh/id_dsa"

	passphrase="yo its a secret"

	command="touch somefile"/>

Run a command on a remote machine using key authentication with no passphrase

  <sshexec host="somehost"

	username="dude"

	keyfile="${user.home}/.ssh/id_dsa"

	command="touch somefile"/>

Run a set of commands from a command resource (file) on a remote machine using key authentication with no passphrase

  <sshexec host="somehost"

	username="dude"

	keyfile="${user.home}/.ssh/id_dsa"

	commandResource="to_run"/>

Security Note: Hard coding passwords and/or usernames in sshexec task can be a serious security hole. Consider using variable substitution and include the password on the command line. For example:

  <sshexec host="somehost"

	username="${username}"

	password="${password}"

	command="touch somefile"/>

Invoking ant with the following command line:

    ant -Dusername=me -Dpassword=mypassword target1 target2

Is slightly better, but the username/password is exposed to all users on an Unix system (via the ps command). The best approach is to use the <input> task and/or retrieve the password from a (secured) .properties file.