skip to main content

SAP NetWeaver Newbie

User Authentication using Keys via PuTTY

SAP Admins have to constantly log in to the server at OS level to carry out their every day tasks. A normal setup of SAP landscapes involves tens and hundreds of servers and logging on to these servers using passwords is error prone or slightly delayed by requiring to access password vaults.

A simple solution is to use public-private keys to authenticate the users. You generate a key pair. Keep the private key a secret and upload the public key on the server. Then use the private key while logging on through PuTTY. Because you are keeping Private Key a secret, server accepts connections via the Private Key to recognize you.

User authentication using public private keypair

To set this up we first need to create the key pair

  1. Download PuTTYgen and start it
  2. Click on Generate button to generate public and private key pair

  3. Move the mouse cursor to generate randomness

  4. Save the private key and copy the public key (or save the public key)

  5. We now have the key pair

Place the Public Key on the server

  1. Log on to the server with the user name for which you want to set this authentication up
  2. Create .ssh folder
    mkdir ~/.ssh
  3. Create authorized_keys file with the public key as its contents (you have copied or saved it in step 4 above)
    cd ~/.ssh
    vi authorized_keys
  4. Make sure directory can be traversed only by user user ID (some operating systems will not authenticate if other users can view or edit the keys)
    chmod 700 ~/.ssh
  5. Make sure authorized_keys is accessible only on your user ID
    chmod 600 ~/.ssh/authorized_keys

Set up PuTTY to authenticate using Private Key

  1. Start PuTTY and populate the hostname or IP address of the server to which you wish to connect

  2. On the left hand side, choose Connection > Data and populate the user ID

  3. Now expand SSH > Auth and populate the path to your Private Key

  4. Save your changes
  5. Next time you wish to log on, open the save PuTTY session!
All of this is obviously possible if the server allows authentication through keys. Did you know, you can log on to Service Marketplace without passwords, using logon tickets?

No comments:

Post a Comment

Email Subscription

Get every new post into your inbox by subscribing us.

Want a reason to subscribe?
1. This sitemap might convince you to subscribe.
2. We do not misuse email IDs. We respect privacy.

© 2008 - 2017 sapnwnewbie. All rights reserved.