This topic describes how to use CLI commands to configure individual users with SSH keys to allow for password-less authentication from a remote host to the CLI in an automated environment.

What is SSH Key-based Authentication?

Secure SHell (SSH) is a connection method used to log into UNIX or Linux servers remotely. With Delphix, is it used to connect to the Delphix Command Line Interface (CLI) from a remote computer. This normally requires a password on each connection; however, it is possible to use Key-based Authentication to avoid the password requirement and allow automation of Delphix commands.

Key-based Authentication relies on a public/private key pair generated on the client system. The private key allows access to any server acknowledging the matching public key as being authorized to login. In order to configure this, a public/private key pair must be created, and the resulting public key should be added to the Delphix server using the CLI.

The default domain user created on Delphix Engines is now admin instead of delphix_admin. When engines created before 5.3.1 are upgraded to 5.3.1 or later they will retain their old username 'delphix_admin'. To avoid complications Delphix recommends creating users with an admin role and then Disabling delphix_admin.

Procedure

  1. Consult your client documentation for information on generating a public/private key pair. The ssh-keygen program is typical on UNIX platforms.  If you need details on ssh-keygen usage or have unique requirements (such as named RSA keys), see Third Party SSH Key Generation Example. If you already have a public/private key pair generated on your system, you can skip to step 2.
  2. Connect as the user you wish to configure or as a Delphix administrator.

    Connecting to Namespaces

    When you connect to the Delphix Engine with the CLI, you should specify the appropriate namespace (either DOMAIN or SYSTEM). See Connecting to the CLI for more information.

  3. Select the current user, or select a specific user if configuring another user as an administrator.

    delphix> user current
    
  4. Update the user and set the SSH key.

    delphix user "admin"> update
    delphix user "admin" update *> set publicKey
    Enter publicKey:

    Avoid Newline Characters with Public Key Entry

    The public key value, which can be quite long, must be entered as a single string with no newlines. When copying and pasting the public key be sure to avoid introducing any newline characters.

  5. Paste the contents of the public key configured on your client and commit the result.

    delphix user "admin" update *> commit
    delphix>
  6. Verify you can authenticate through the Delphix CLI without a passphrase.

    Example Using Default SSH Key

    ssh admin@DOMAIN@delphix-server.example.com
    Last login: Thu Dec 13 22:16:28 2012 from 192.168.0.2
    delphix>

    Example Using a Non-default SSH Key File Located at path/to/delphix_key

    ssh -i path/to/delphix_key admin@DOMAIN@delphix-server.example.com
    Last login: Thu Dec 13 22:16:28 2012 from 192.168.0.2
    delphix>