CLI Cookbook: Configuring Key-Based SSH Authentication for Automation
Reference / Command Line Interface Guide / CLI Cookbook: Common Workflows, Tasks, and Examples / CLI Cookbook: Authentication and Users / CLI Cookbook: Configuring Key-Based SSH Authentication for Automation

This topic describes how to use CLI commands to configure individual users with SSH keys to allow for password-less authentication from a remote host to the CLI in an automated environment.

What is SSH Key-based Authentication?

Secure SHell (SSH) is a connection method used to log into UNIX or Linux servers remotely. With Delphix, is it used to connect to the Delphix Command Line Interface (CLI) from a remote computer. This normally requires a password on each connection; however, it is possible to use Key-based Authentication to avoid the password requirement and allow automation of Delphix commands.

Key-based Authentication relies on a public/private key pair generated on the client system. The private key allows access to any server acknowledging the matching public key as being authorized to login. In order to configure this, a public/private key pair must be created, and the resulting public key should be added to the Delphix server using the CLI.

Procedure

  1. Consult your client documentation for information on generating a public/private key pair. The ssh-keygen program is typical on UNIX platforms.  If you need details on ssh-keygen usage or have unique requirements (such as named RSA keys), see Third Party SSH Key Generation Example. If you already have a public/private key pair generated on your system, you can skip to step 2.

  2. Connect as the user you wish to configure or as a Delphix administrator.

    Connecting to Namespaces

    When you connect to the Delphix Engine with the CLI, you should specify the appropriate namespace (either DOMAIN or SYSTEM). See Connecting to the CLI for more information.

  3. Select the current user, or select a specific user if configuring another user as an administrator.

    delphix> user current

  4. Update the user and set the SSH key.

    delphix user "delphix_admin"> update
delphix user "delphix_admin" update *> set publicKey
Enter publicKey:

    Avoid Newline Characters with Public Key Entry

    The public key value, which can be quite long, must be entered as a single string with no newlines. When copying and pasting the public key be sure to avoid introducing any newline characters.

  5. Paste the contents of the public key configured on your client and commit the result.

    delphix user "delphix_admin" update *> commit
delphix>

  6. Verify you can authenticate through the Delphix CLI without a passphrase.

    Example Using Default SSH Key

    ssh delphix_admin@DOMAIN@delphix-server.example.com
Last login: Thu Dec 13 22:16:28 2012 from 192.168.0.2
delphix>

    Example Using a Non-default SSH Key File Located at path/to/delphix_key

    ssh -i path/to/delphix_key delphix_admin@DOMAIN@delphix-server.example.com
Last login: Thu Dec 13 22:16:28 2012 from 192.168.0.2
delphix>