| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| FileOutput node SFTP error - credentials invalid |
« View previous topic :: View next topic » |
| Author |
Message
|
| pavraj |
 Posted: Tue May 16, 2017 8:22 am Post subject: FileOutput node SFTP error - credentials invalid |
 |
|
Novice
Joined: 06 Mar 2017
Posts: 18
|
Hi All,
We are using FileOutput node in the flow to SFTP a csv file to remote server. We had run mqsisetdbparms command to associate a User ID and and SSH identity file.
While executing we are getting the "public key authentication details invalid".
So based on the suggestions from various forums, we understand that the identity file (public key file) format is of .ppk
As broker supports only openssh format, we have used PuttyGen tool to convert the identity file to openssh format using server's private key.
We have exported identity file in openssh format like below in PuttyGen-
Load - existing private key file
Given passphrase
then we could able to see the details of the imported key
Type of key to generate: selected radio button SSH-2 RSA
Conversion tab -> Export OpenSSH Key, saved the exported key
Placed the converted identity file in required path and restarted EG and also broker.
Still we are facing the same error - "public key authentication details invalid"
Toolkit version - 9.0.0.4
Broker version - 9.0.0.5
Kindly provide your valuable inputs in resolving this error. |
|
| Back to top |
|
 |
| zpat |
| Posted: Tue May 16, 2017 11:15 pm Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
You don't say which platform this is.
Is your exported key the private key or the public key?
The mqsisetdbparms identity value needs to be the private key file.
Maybe easier just to run ssh-keygen and create it on the SSH platform.
_________________
Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error. |
|
| Back to top |
|
|
| pavraj |
| Posted: Wed May 17, 2017 12:51 am Post subject: FileOutput node SFTP error - credentials invalid |
|
|
Novice
Joined: 06 Mar 2017
Posts: 18
|
Hi zpat,
Sorry to mention, platform is Windows
Is your exported key the private key or the public key?
- I'm not sure, but I can say in puttygen tool, we are loading a private key and Conversion tab -> Export OpenSSH Key, saved the exported key
-Is the key exported will be a private key or public key? I thought it will be a private key.
The mqsisetdbparms identity value needs to be the private key file
-But as per documentation, we should set a public key as identity file right? Could you please correct me?
You can also configure a connection to an SFTP server to use Public Key authentication, by specifying an SSH identity file and pass phrase, instead of a password. For example:
mqsisetdbparms MyBroker -n sftp::myidentity -u myuserid -i identity_file -r passphrase |
|
| Back to top |
|
|
| zpat |
| Posted: Wed May 17, 2017 4:08 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
Show me the documentation where it says identify file is a public key?
It's been a while since I've done this, but since the public key is what you provide to the other end of the transfer, it makes sense that the private key is what you provide to the broker end.
On Unix at least, I always like to debug this outside the broker using the sftp command. Why not try doing that?
I don't believe you need a passphrase either. I've never had to anyway.
_________________
Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error. |
|
| Back to top |
|
|
| pavraj |
| Posted: Mon May 22, 2017 4:59 am Post subject: |
|
|
Novice
Joined: 06 Mar 2017
Posts: 18
|
Thanks zpat, I have made a successful SFTPed a file to remote server location.
As you said, in mqsisetdbparms we need to refer a private key (in the -i identity_file parameter).
For the benefit of others, I am writing the steps I have followed-
1. Using Puttygen (key generator tool), I have generated a public/private key pair.
2. I referenced the private key in the mqsisetdbparms command.
3. I copied the public key from "Public key for parsing into OpenSSH authorized_keys file" section and paste it in the authorized_keys file of remote server.
Thank you a lot zpat for your valuable suggestions. |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
