  • Latest Post - ‏2013-07-08T18:31:28Z by etj
etj

key auth to sftp server when datapower is client

2013-06-21T14:27:47Z

Hi,

I need to key auth to an SFTP server with DataPower as the client.

I've configured an OpenSSH private key in a (ssh client profile - user agent) so that I can authenticate to an SFTP server.

I really need to be able to choose the key according to the user id.

Because I don't need to authenticate the user and key on the way into DataPower, I'm not sure how to get this done on the way out.

My outgoing url is always the same.

Can I do it in a stylesheet?

I already have a stylesheet for routing user / password authentication - can I include the key auth there somehow?

Thanks,

El

  • etj

    Re: key auth to sftp server when datapower is client

    ‏2013-07-08T18:31:28Z  

    Hi,
    I got this suggestion from support but I can't seem to get it to work...

    It is currently not possible to extract the client's SFTP pubkey and use that to create an
    outgoing connection to the backend SFTP server. You may however try using one of the following
    approaches, which require you to have your SFTP client pubkey on the appliance:
    1. Create an 'SFTP Client Policies' and use a match expression that includes the username. Or
    2. Create a 'Pubkey-Auth Policy' and use a match expression that includes the username.
    The match expression(s) can be something like:
    sftp://<user1>* - use user1 key
    sftp://<user2>* - use user2 key
    Also, when building the backend SFTP url, include the username so that it can be matched on when evaluated against the 'SFTP Client Policies' or 'Pubkey-Auth Policy'.


    Can someone tell me if this should work? I can't seem to get a match when I force the url = sftp://userid.
    Thanks,
    El