ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » FileOutput node SFTP error - credentials invalid

Post new topic  Reply to topic
 FileOutput node SFTP error - credentials invalid « View previous topic :: View next topic » 
Author Message
pavraj
PostPosted: Tue May 16, 2017 8:22 am    Post subject: FileOutput node SFTP error - credentials invalid Reply with quote

Novice

Joined: 06 Mar 2017
Posts: 18

Hi All,

We are using FileOutput node in the flow to SFTP a csv file to remote server. We had run mqsisetdbparms command to associate a User ID and and SSH identity file.
While executing we are getting the "public key authentication details invalid".
So based on the suggestions from various forums, we understand that the identity file (public key file) format is of .ppk
As broker supports only openssh format, we have used PuttyGen tool to convert the identity file to openssh format using server's private key.
We have exported identity file in openssh format like below in PuttyGen-
Load - existing private key file
Given passphrase
then we could able to see the details of the imported key
Type of key to generate: selected radio button SSH-2 RSA
Conversion tab -> Export OpenSSH Key, saved the exported key
Placed the converted identity file in required path and restarted EG and also broker.
Still we are facing the same error - "public key authentication details invalid"
Toolkit version - 9.0.0.4
Broker version - 9.0.0.5
Kindly provide your valuable inputs in resolving this error.
Back to top
View user's profile Send private message
zpat
PostPosted: Tue May 16, 2017 11:15 pm    Post subject: Reply with quote

Jedi Council

Joined: 19 May 2001
Posts: 5849
Location: UK

You don't say which platform this is.

Is your exported key the private key or the public key?

The mqsisetdbparms identity value needs to be the private key file.

Maybe easier just to run ssh-keygen and create it on the SSH platform.
_________________
Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error.
Back to top
View user's profile Send private message
pavraj
PostPosted: Wed May 17, 2017 12:51 am    Post subject: FileOutput node SFTP error - credentials invalid Reply with quote

Novice

Joined: 06 Mar 2017
Posts: 18

Hi zpat,

Sorry to mention, platform is Windows

Is your exported key the private key or the public key?
- I'm not sure, but I can say in puttygen tool, we are loading a private key and Conversion tab -> Export OpenSSH Key, saved the exported key
-Is the key exported will be a private key or public key? I thought it will be a private key.


The mqsisetdbparms identity value needs to be the private key file
-But as per documentation, we should set a public key as identity file right? Could you please correct me?
You can also configure a connection to an SFTP server to use Public Key authentication, by specifying an SSH identity file and pass phrase, instead of a password. For example:
mqsisetdbparms MyBroker -n sftp::myidentity -u myuserid -i identity_file -r passphrase
Back to top
View user's profile Send private message
zpat
PostPosted: Wed May 17, 2017 4:08 am    Post subject: Reply with quote

Jedi Council

Joined: 19 May 2001
Posts: 5849
Location: UK

Show me the documentation where it says identify file is a public key?

It's been a while since I've done this, but since the public key is what you provide to the other end of the transfer, it makes sense that the private key is what you provide to the broker end.

On Unix at least, I always like to debug this outside the broker using the sftp command. Why not try doing that?

I don't believe you need a passphrase either. I've never had to anyway.
_________________
Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error.
Back to top
View user's profile Send private message
pavraj
PostPosted: Mon May 22, 2017 4:59 am    Post subject: Reply with quote

Novice

Joined: 06 Mar 2017
Posts: 18

Thanks zpat, I have made a successful SFTPed a file to remote server location.
As you said, in mqsisetdbparms we need to refer a private key (in the -i identity_file parameter).
For the benefit of others, I am writing the steps I have followed-
1. Using Puttygen (key generator tool), I have generated a public/private key pair.
2. I referenced the private key in the mqsisetdbparms command.
3. I copied the public key from "Public key for parsing into OpenSSH authorized_keys file" section and paste it in the authorized_keys file of remote server.

Thank you a lot zpat for your valuable suggestions.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » FileOutput node SFTP error - credentials invalid
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
 
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.