Third Party SSH Key Generation Example
Reference / Command Line Interface Guide / CLI Cookbook: Common Workflows, Tasks, and Examples / CLI Cookbook: Authentication and Users / CLI Cookbook: Configuring Key-Based SSH Authentication for Automation / Third Party SSH Key Generation Example

This topic provides examples of SSH key generation for password-less login to the Delphix command line interface (CLI).

Prerequisites

These operations are performed as a command line user on a non-Dephix host, where SSH is installed.  In the remainder of the document we will use the terms "username" and "host name" in the following way:

  • username – the existing command line user on the non-Delphix host
  • host name – the existing non-Delphix host

The examples below should work with a variety of SSH distributions. However, your distribution may behave differently.  If you are unable to follow these instructions successfully, consult with your system administrator and/or your operating system or SSH client vendor. Please note that from Delphix version 5.0 onward, only RSA protocol 2 keys are supported.

Procedure

This example details three ways to set up password-less authentication:

  • Using an existing SSH key with no passphrase
  • Generating a new SSH key stored in the default location
  • Generating a new SSH key stored in a non-default location

Using an Existing SSH Key With No Passphrase

To use an existing SSH key for password-less authentication, that key must have been established with no passphrase.  If the existing SSH key has a passphrase associated with it, instead follow the instructions for generating a new SSH key stored in a non-default location below.


  1. Login as username to hostname.
  2. Within the ~username/.ssh/ directory, there will be one or more files whose names end in the .pub extension, for example:
    1. id_dsa.pub
    2. id_rsa.pub
    3. identity.pub
    The differing names correspond to different types of keys SSH may use. Note that from version 5.0 of Delphix, only RSA protocol 2 keys are supported.
  3. Input the contents of the id_rsa.pub file into the publicKey field as described in CLI Cookbook: Configuring Key-Based SSH Authentication for Automation.

Generating a New SSH Key Stored in the Default Location

  1. Login as username to hostname.
  2. Verify that there are no files with the .pub extension in the ~username/.ssh/ directory.  If there are, you must either use the existing SSH key as described above, or generate a new SSH key in a non-default location as described below.
  3. Create your RSA protocol 2 keys with no passphrase.
    1. Run ssh-keygen -t rsa
      This command creates two new files in ~username/.ssh/: id_rsa and id_rsa.pub
  4. You will be prompted to enter a passphrase, and to confirm the passphrase. Simply hit Enter twice to create a key with no passphrase for password-less authentication.
  5. Input the contents of the created id_rsa .pub file in the ~username/.ssh/ directory into the publicKey field as described in CLI Cookbook: Configuring Key-Based SSH Authentication for Automation.

Generating a New SSH Key Stored in a Non-Default Location

  1. Login as username to hostname.
  2. Choose the filename for your new SSH key files, for example: delphix_key and delphix_key.pub
  3. Create your keys with no passphrase.
    1. Run ssh-keygen -t rsa -f delphix_key
      This command creates two new files delphix_key and delphix_key.pub
  4. You will be prompted to enter a passphrase, and to confirm the passphrase. Simply hit Enter twice to create a key with no passphrase for password-less authentication.
  5. Input the contents of the created .pub file in the ~username/.ssh/ directory into the publicKey field as described in CLI Cookbook: Configuring Key-Based SSH Authentication for Automation.
  6. On subsequent login attempts to the Delphix CLI, specify the private SSH key to be used with the -i argument, for example:
    ssh -i ~/delphix_key username@delphixserver.company.com

Related Links