SFTP using RSA key authorzation

leung1119 · February 2, 2012, 2:20pm

Hi all,
Our client request us to access their SFTP using rsa key base authorzation.
Please advise following method can work this out :

1, In webMethods call the setKeyAndChain and fill in the privKeyFile with the path of private key file.
2, then, call the pub.client.ftp:login with filled serverhost, serverport, username & secure.auth = ‘SSL’

If this method is wrong, could anybody give me some hints how to work this out ?
Please kindly help. I am newbie of webMethods.
Thanks

Tong_Wang · February 2, 2012, 10:00pm

SFTP (SSH + FTP) is not supported by WM natively.

You can search this site for some existing practices.

Another option is to use jsch and write some java code around it. We are using it fine with rsa key auth.

reamon · February 3, 2012, 12:56am

Adding clarification, the “FTP” in “SFTP” is quite different from FTP. You cannot use the pub.client.ftp services for SFTP.

You will need to get a libary or tool that supports SFTP. One option is GnuPG which you can call from IS via command-line execution. Another is using a Java library such as Trilead for which you would write wrapper services to do the things you want.

For key/cert based authentication you’ll need to generate a public key to give to your partner so they can configure their system. Then you configure your side to use the key.

Hope this is enough to get you started on your research.

cbordeaux.917993 · February 14, 2012, 11:18pm

I’ve used the openssh package for clients with keys before. It is a little convoluted with an external batch file for commands but works fine.

Holger_von_Thomsen · November 17, 2015, 11:41am

Hi all,

meanhwile (beginning with 9.x) it is officially supported by SAG, but not for ports/listeners.

Regarding this I have a question of my own:
wM 9.5.1

When using SFTP User Alias with Authentication Type Password all is working fine.
But unfortunately one of our SFTP-Partner systems forces us meanwhile to use Authentication Type Public Key.

While trying to configure this we found the IS Administration guide as well as the Training Material for “Knowledge Update - Administration” not really helpful as it is not described how to create the neccessary keys in the right way.

Putty is not really helpful here as we have to generate the objects on Solaris to match our application user.

Any ideas?

Unfortunately this is quite urgent as this already affects our productive processing.

Regards,
Holger

Tong_Wang · November 17, 2015, 6:45pm

We use Putty to generate the SSH2 RSA key pair. Although we use it on Window, the key should work on any platform.
What’s exactly the issue when using it on Solaris?

Holger_von_Thomsen · November 18, 2015, 12:37pm

Hi Tong,

thanks for your reply.

We solved this by using ssh-keygen.

Regards,
Holger