Achieving passwordless login using tSSH and public key authentication

Problem Description

You have a Windows source machine. You want to use Secure Shell (SSH) to connect to a Linux target machine by using public key authentication and achieving passwordless login with the tSSH component.

 

Solution

How to achieve passwordless login using the tSSH component:

  1. Create a public and private key pair using ssh-keygen on a Windows machine:

    C:\Users\username> ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (C:\Users\username\.ssh\id_rsa):
    Created directory 'C:\Users\username\.ssh'.
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in C:\Users\username\.ssh\id_rsa.
    Your public key has been saved in C:\Users\username\.ssh\id_rsa.pub.
    The key fingerprint is: SHA256:UjGo7zICqfoxhTc1SbSE3eo5nKoOJmG0WZjd+G6kLrA talend\username@TAL-USERNAME
    The key's randomart image is:
    +---[RSA 2048]----+
    |     ++oo        |
    |  + +ooo.o       |
    | + + o=..        |
    |. +.o..o         |
    |.=. +*.oS        |
    |=. o+.B.         |
    |=+o. = .         |
    |Eooo= .          |
    |oo=+ o           |
    +----[SHA256]-----+

     

  2. Create a public and private key pair using ssh-keygen on the Linux machine as shown below. The Linux user ID you use to generate keys is the same as the one you use in the tSSH component when running the Job. For example, this article uses the root user.

    [root@talend02:/home/username/.ssh] ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /root/.ssh/id_rsa.
    Your public key has been saved in /root/.ssh/id_rsa.pub.
    The key fingerprint is:
    e6:b5:60:af:b0:fe:ec:c7:5e:b8:91:f7:d3:09:99:41 root@talend02.com
    The key's randomart image is: 
    +--[ RSA 2048]----+ 
    |                 | 
    |             E   | 
    |            .    | 
    |             .   | 
    |        S .   +  | 
    |       + + + +   | 
    |      . ..* o ...| 
    |       + .o= ....| 
    |     .oo=oo   .. | 
    +-----------------+

     

  3. Copy all the generated keys (for the Windows machine) to any directory on the Linux machine (for example, /softwares/ssh/), with these permissions configured:

    -rw-------. 1 username talend 1675 Aug 22 2019 id_rsa
    -rw-r--r--. 1 username talend 407 Aug 22 2019 id_rsa.pub

     

  4. Create a file named authorized_keys in the /root/.ssh/authorized_keys folder on the Linux machine. If the file is already there, leave it as is.
  5. Check and set the permissions for the files below in the /root/.ssh/ folder. This is important, because if the permissions are incorrect while logging in with the SSH command and user@ip_address, the server will ask for a password.

    -rw-------. 1 root root 798 Jul 22 12:00 authorized_keys
    -rw-------. 1 root root 1675 Jul 22 11:03 id_rsa
    -rw-r--r--. 1 root root 399 Jul 22 11:03 id_rsa.pub
    -rw-r--r--. 1 root root 1191 Jul 22 11:45 known_hosts

     

  6. Copy the contents of the generated C:\Users\username\.ssh\id_rsa.pub file and paste it into the /root/.ssh/authorized_keys file on the Linux machine. Save this file and close it.

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDaPLA6ZepQ8C2zxzs9y2nkQiTc3Fr1g9huD+vVzeeX88zFS44XUOfQSunVLsvqfuRGLPevsR3zOi6PXdBGc1ZtxApoMypFiI06VQP55yyYfw7rNGG1Ca84EMIqDgmgoZeuEZaO/zkj1q94W0L9aqRt7UgZnWcUjOZ+h98AhWesWYdqFqS3Mwt/mlCvnSs2SeuyhRQY3RPw67dL9hgLD6Kmu4sfdc/Uy3vmUb457blEieuGe/d5CCKzIa3UwHTd8yrJ3qviTa0T3oMo6prESODNmy7yXkh/nGziK+wIyGiQvtgA8WnztUi1dn6cgx22d2QLOsPzcO/Hp5t7d2rwlP+H talend\username@TAL-USERNAME

     

  7. In Talend Studio, create a simple DI Job and add a tSSH component, configuring the properties as follows:

    • Host: "192.***.***.***" (Linux machine host IP address)
    • Port: 22 (Linux machine SSH port address)
    • User: "root" (Linux machine user used above to generate the public and private keys)
    • Authentication method: Public key
    • Key Passphrase: Copy the public key content from the authorized_keys file on the Linux machine and paste it into the field, surrounded by double quotes:

      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDaPLA6ZepQ8C2zxzs9y2nkQiTc3Fr1g9huD+vVzeeX88zFS44XUOfQSunVLsvqfuRGLPevsR3zOi6PXdBGc1ZtxApoMypFiI06VQP55yyYfw7rNGG1Ca84EMIqDgmgoZeuEZaO/zkj1q94W0L9aqRt7UgZnWcUjOZ+h98AhWesWYdqFqS3Mwt/mlCvnSs2SeuyhRQY3RPw67dL9hgLD6Kmu4sfdc/Uy3vmUb457blEieuGe/d5CCKzIa3UwHTd8yrJ3qviTa0T3oMo6prESODNmy7yXkh/nGziK+wIyGiQvtgA8WnztUi1dn6cgx22d2QLOsPzcO/Hp5t7d2rwlP+H talend\username@TAL-USERNAME"
    • Private key: /softwares/ssh/id_rsa (Linux location of generated keys from the Windows machine)
    • Commands: "echo Talend Open Studio"

       

      tSSH_Job.JPG

       

  8. In the Run view, on the Target Exec tab, for JobServer, select the remote machine you want to connect to using SSH (the Linux machine mentioned above).
  9. Run the Job. It runs successfully and you get this output:

    Checking ports...
    Sending job 'tssh_case_00142676' to server (192.***.***.***:8001)...
    File transfer completed.
    Deploying job 'tssh_case_00142676' on server (192.***.***.***:8000)...
    Running job 'tssh_case_00142676'...
    Starting job tssh_case_00142676 at 08:04 23/08/2019.
    [statistics] connecting to socket on port 3522
    [statistics] connected
    Talend Open Studio
    [statistics] disconnected
    Job tssh_case_00142676 ended at 08:04 23/08/2019. [exit code=0]
Version history
Revision #:
35 of 35
Last update:
‎09-06-2019 02:46 PM
Updated by: