panni04

CA WA SFTP job and password-less login

Blog Post created by panni04 Employee on Mar 2, 2018

The CA WA SFTP job type supports keys.  This is more secure than user and password login.  It is recommended to setup and test your key with login.  To setup keys, generate the private and public keys on the host where CA WA Agent is installed.

 

In Linux/UNIX run:  

        ssh-keygen -t rsa

Then enter key passphrase or leave it blank.

[usera@my_host ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/usera/.ssh/id_rsa): /root/.ssh/id_rsa2

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /usera/.ssh/id_rsa.

Your public key has been saved in /usera/.ssh/id_rsa.pub.

The key fingerprint is:

99:67:58:46:21b5:10:ba:ca:a9:cb:a2:7a:4c:56:0d

Then copy or provide public key 'id_rsa.pub'  to your remote host. 

You can copy it like this:

cat /usera/.ssh/id_rsa.pub | ssh remoteuser@remote-box 'cat >> .ssh/authorized_keys'

 

[usera@my_host ]$ cat .ssh/id_rsa.pub | ssh remoteuser@remote-box 'cat >> .ssh/authorized_keys'

remoteuser@remote-box's password:             <-- Enter password, then the cat command will append the key on remote host.

 

Test to make sure the password-less or key login works. 

 

[usera@my_host .ssh]$ ssh remoteuser@remote-box

Last login: Tue Feb 27 21:03:04 2018 from my_host

[remoteuser@remote-box]$    <-- If you see prompt from remote host, then it worked!

 

On Windows, there are several third party utilities that can create public/private key generation.  Microsoft has also released their own version of OpenSSH server and utilities.  It is still beta, but worth a look.

Key Generation on Windows OS

Outcomes