How to deploy over SCP with private key using Maven

问题

Using Maven on windows, transfer over SCP, using a private key. It seems to be a very simple and documented process. But it didn't work for me.

In the settings.xml

<server>
  <id>myserver</id>
  <username>me</username>
  <privateKey>C:/data/home/.ssh/id_rsa</privateKey>
</server>

In the pom.xml

<distributionManagement>
  <repository>
    <id>myserver</id>
    <url>scp://myserver.domain.com/~me/deploy</url>
  </repository>
</distributionManagement>
<build>
  <extensions>
    <!-- Enabling the use of FTP -->
    <extension>
      <groupId>org.apache.maven.wagon</groupId>
       <artifactId>wagon-ssh</artifactId>
       <version>2.8</version>
    </extension>
  </extensions>
</build>

The expectation is, it should not come to ask me for a password to login. Also note that I do not want to use an external command to make it work uniformly across platforms. However ...

--- maven-deploy-plugin:2.7:deploy (default-deploy) @ sparksample ---
Downloading: scp://myserver.domain.com/~me/deploy/com/domain/myproject/1.0-SNAPSHOT/maven-metadata.xml 
The authenticity of host 'myserver.domain.com' can't be established.
RSA key fingerprint is 01:01:01:01:01:01:01:01:01:01:01:01:01:01:01:ff.
Are you sure you want to continue connecting? (yes/no): yes
: Password for me@myserver.domain.com: 

Not only asks it me for a password, it also forces me every time to accept the hostkey. It did however pickup the settings.xml file, as it is using the correct username to connect.

So how do I avoid it to ask me the password, and use the provided private key? Note that I was able to do this successfully with an ant scp task, using the exact same private key file.

回答1:

Read/Write Privileges should be set correctly

# Current directory should not be writable by others (and preferably not by group either):
chmod o-w ~

chmod 700 ~/.ssh
chmod 600 ~/.ssh/id_rsa

# Only in case id_rsa.pub exists (644 also ok):
chmod 640 ~/.ssh/id_rsa.pub
chmod 640 ~/.ssh/authorized_keys

Ownership should be set correctly

Set to current user and default group. By omitting the group after the colon, you make sure the group is reset to the default for that user.

chown ${USER}: ~
chown -R ${USER}: ~/.ssh

来源：https://stackoverflow.com/questions/27538847/how-to-deploy-over-scp-with-private-key-using-maven