Jun 22, 2012 Generating public/private rsa key pair. Enter file in which to save the key (/home/ demo /.ssh/idrsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/ demo /.ssh/idrsa. Your public key has been saved in /home/ demo /.ssh/idrsa.pub. Before you can access IBM Commerce on Cloud servers or environments, you must generate a pair of public and private keys for SSH logon and provide IBM the public key. You can use the Cygwin key generator utility to create the public and private keys for SSH logon that you need for accessing IBM Commerce on Cloud environment servers and applications.
Applies to:
SAP Netweaver PI based SFTP Adapters
Summary
The following sections briefly describe the steps to create SSH key pairs which can be used as an alternative for password based authentication. It also includes steps to verify key based authentication and import the keys in NWA key storage. It mainly foucses on creating PKCS12 Keys from OpenSSH Keys.
Author(s):
Sivasubramaniam Arunachalam
Company: SAP Labs Created on: 30-Dec-2011 Author(s) Bio Sivasubramaniam Arunachalam is a senior developer at SAP Labs (Technology Innovation Platform). He is currently occupied with PI 7.31 development/maintenace activities. Since Sivasubramaniam joined SAP Labs in July 2010, he has developed new features in several adapters/areas including File, JDBC, IDoc, SOAP/XI, HTTP, JPR, B2B(RNIF 1.1/2.0, CIDX & PIDX) Adapters, XML Validation and Mapping Runtime. Currently, he is the component responsible for File, JDBC, B2B Adapters and XML Validation and takes care of all new development, enhancement and maintenance activities. Table of Contents
Tools Required
PuTTY Key Generator
PuTTY
Open SSL Utility
SSH Key Generator
Cygwin(for Windows Users) with the following packages
OpenSSL
SSH
Keys to be Generated
Public Key (OpenSSH Format)
Private Key (Putty Format)
Private Key (PEM)
Public Key (X.509 Certificate)
Private Key (PKCS 12)
Use PuTTY Key Generator to Create SSH Public/Private Keys
Download PuTTYgen.exe from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Select SSH2-RSA as a key type
Click on 'Generate' and move your mouse cursor in 'Key' section to generate the keys based on random mouse move co-ordinates.
After the required mouse movements, it will generate the random key
Click 'Save public key' and save it as 'public_key' name
It will look like below
Click 'Save private key' and save it as 'private_key.ppk' name
It will look like below
Leave Passphrase fields as blank and Select Conversions -> Export OpenSSH key
Ignore the warning by choosing 'Yes'
Save it under 'private_key.pem' name
It will look like below
The following keys are created
Use Open SSL to Create X.509 and P12 Certificates
If you are in windows, use Cygwin
Navigate to the location where the keys generated above are stored
Create the X509 certificate from the private key
It will look like below
Create the PKCS type 12 Keystore
Provide the password (which will be used in channel configuration)
The created key would be in encrypted (binary) form
Import the Private Key into NWA Key Store
Open the nwa key store and create a new view called SFTP_TEST
Click on 'Import Entry' and select the generated p12 file
After import, verify the entries.
Configure the Public Key in SSH Server
Copy the public key in to SSH Server via SFTP
Login to SSH server verify the copied public key
Since the public key does not have any permissions, change it to 400 (for read)
Use ssh-keygen tool to create openSSH format public key
Add the created openSSH public key to authorized_keys filles
Check the permissions of .ssh folder and authorized_keys file for access permissions
Verify the Key Pairs with PuTTY
Now, the key based authentication can be verified with PuTTY.
Enter the host name and port
Cygwin Ssh Commands
Select the private key (.ppk)
Cygwin Ssh Windows 10
Confirm the Security alert
Cygwin Ssh Client
If the configuration is correct, the connection will be established successfully