Public key authentication
SSH, SCP, and SFTP adapters can use public-key-based authentication when servicing adapter requests. This feature is an alternative to password-based authentication. To use public key authentication, define the file location of the SSH key file and an associated pass phrase. The following table describes optional elements that you can use for the adapter configuration and dynamic targets in the adapter requests.
The default authentication method is password-based; if a <password>
element is present in an adapter configuration or the dynamic target node of an adapter request, password authentication is used, regardless of the presence of <private-key-file>
and <pass-phrase>
elements. If the <password>
element is omitted, the <private-key-file>
and <pass-phrase>
elements are used.
Optional elements for public key authentication
Element |
Description |
---|---|
|
Identifies the path and the file name for the local SSH key file |
|
Identifies the pass phrase that protects the private key file |
The following figure shows an XML sample using the optional elements for public key authentication.
XML sample of public key authentication optional elements
...
<target>
<host>test.target1.com</host>
<port>22</port>
<user-name>user1</user-name>
<private-key-file>/usr/home/user1/.ssh/id_dsa<private-key-file>
<pass-phrase encryption-type="Base64">cGFzcyBwaHJhc2U=</pass-phrase>
<prompt>user1$</prompt>
<known-hosts-config>/path/to/known_hosts</known-hosts-config>
<allow-unknown-hosts>false</allow-unknown-hosts>
<preferred-pk-algorithm>ssh-dss</preferred-pk-algorithm>
</target>
...
Comments
Log in or register to comment.