Can the Maven Wagon plugin use the private key for scp?

You must specify the path to the private key in the server element in your .xml settings:

The repositories for download and deployment are determined by the repositories and distributionManagement elements of the POM. However, some settings such as username and password should not be distributed with pom.xml. This type of information must exist on the build server in settings.xml.

 <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd"> ... <servers> <server> <id>server001</id> <username>my_login</username> <password>my_password</password> <privateKey>${user.home}/.ssh/id_dsa</privateKey> <passphrase>some_passphrase</passphrase> <filePermissions>664</filePermissions> <directoryPermissions>775</directoryPermissions> <configuration></configuration> </server> </servers> ... </settings> 

• id : this is the server (not user login) identifier that matches the id element of the repository / mirror that Maven is trying to connect to.
• username , password . These elements are displayed as a pair denoting the username and password required for authentication on this server.
• PrivateKey , passphrase . Like the previous two elements, this pair indicates the path to the private key (the default is ${user.home}/.ssh/id_dsa) and passphrase, if required. the elements of the passphrase and password may be externalized in the future, but for now they must be set in the text file settings.xml.
• filePermissions , directoryPermissions . When a repository file or directory is created during deployment, these are permissions to use. The legal values ​​of each of them is a three-digit number corresponding to the * nix permission file, i.e. 664 or 775.

Note. If you are using the private key to log in to the server, make sure you omit the <password> element. Otherwise, the key will be ignored.

Password encryption

A new feature is the server password, and password phrase encryption has been added to 2.1.x and 3.0 trunks. See details on this page .

Pay particular attention to the "note": if you use the private key to log into the server, make sure that you omit the <password> element. Otherwise, the key will be ignored. Thus, the final configuration will be close to:

 <settings> ... <servers> <server> <id>ssh-repository</id> <username>your username in the remote system</username> <privateKey>/path/to/your/private/key</privateKey> <passphrase>sUp3rStr0ngP4s5wOrD</passphrase><!-- if required --> <configuration> ... </configuration> </server> </servers> ... </settings>