Previous Topic

Next Topic

Book Contents

Book Index

Importing SSH Client Keys

In addition to generating new SSH client keys, MOVEit Automation can import existing keys that have been obtained from remote servers. The specifics of how servers generate and store SSH private keys vary from vendor to vendor. However, the most common SSH implementation, OpenSSH, generates its keys via "ssh-keygen" and stores the keys in files named $HOME/.ssh/id_dsa or $HOME/.ssh/id_rsa, where $HOME is the home directory of the user in question.

Example of a Linux session that generates a key:

$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/fred/.ssh/id_rsa):

Created directory '/home/fred/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/fred/.ssh/id_rsa.

Your public key has been saved in /home/fred/.ssh/id_rsa.pub.

The key fingerprint is: 18:37:c3:bc:10:f0:c0:38:19:3e:80:7b:73:79:15:9c fred@linuxsrv1

$

To import an SSH Client Key into MOVEit Automation:

  1. Transfer the key (the file that does not end in .pub) to the computer running MOVEit Automation Admin. (You might use FTP or FTP over SSH to do this transfer.)
  2. In the Hosts tab, double-click the SSH host name.
  3. In the Define SSH Host dialog, choose the ... button next to SSH Client Key.
  4. In the Manage SSH Keys dialog, choose Import.
  5. In the Enter Name dialog, choose an arbitrary name for the key. Click OK. (This name is used only as a label within MOVEit Automation)
  6. Select the key file that you just transferred from the SSH server. Do one of the following:

The key is imported into MOVEit Automation. It can now be selected as the default SSH client key for this or any host, and can be selected as the SSH client key in tasks that override the default SSH client key for a host.

Configuring the key on the SSH server

After a key has been created, the SSH server must be configured to authorize the key for logon. The procedure for this depends on the type of SSH software running on the server.

For other servers, consult the documentation for that server.

PuTTY Key Generator

By default, the PuTTY Key Generator exports TWO files; one for a private key and one for a public key. However, to generate a file format for use in the SSH client, you must opt to export your PuTTY key as an "OpenSSH Key" (using the "Conversions" menu, if available). The passphrase you designate in the provided fields will carry over to the exported OpenSSH key as well.

"ssh.com" Key Import

MOVEit Automation allows the import of "ssh.com" keys, but such keys must NOT have been protected with a password; imports of "Password Protected ssh.com" keys will always fail. ("Blank password OpenSSH" and "Password Protected OpenSSH" keys can be imported without problems.)