SFTP authentication with private SSH key

Filip_Pejsa
Filip_Pejsa Registered Posts: 11 ✭✭✭

Hi, SCP/SFTP connection setup offers either password or public (DSS-global) SSH key authentication. Is there a way to set up private SSH key authentication ?


Operating system used: Windows 10

Tagged:

Answers

  • Miguel Angel
    Miguel Angel Dataiker, Dataiku DSS Core Designer, Dataiku DSS ML Practitioner, Dataiku DSS Adv Designer, Registered Posts: 118 Dataiker

    There is no private SSH key authentication. SSH key authentication needs both a private and public key. A server with a public key can be accessed through SSH by any host who presents the complimentary private key.

    What the SCP/SFTP connection is asking you in the "Use public key authentication" option is whether you want to use the key authentication method instead of using a password.

  • Filip_Pejsa
    Filip_Pejsa Registered Posts: 11 ✭✭✭

    Thanks. Well, the public key is stored at the SFTP host. I have the host address, user name, and private key.

    AKA: pysftp.Connection(host="hostname", username="username", private_key="privatekey")

    Is there a way how to set it up in the DSS connection definition ?

  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 2,046 Neuron

    Yes, just create an SCP/SFTP connection (New Connection, scroll down under the File Based section). Select the "Use public key authentication" option and on Path From point to your Private Key file.

  • Filip_Pejsa
    Filip_Pejsa Registered Posts: 11 ✭✭✭

    Thanks for your advice, but the hint at the "Path from" field points to st. different: "Optional. Limit accesses on this connection to the contents of this folder".

    In case that the path to the file with SSH private key can be specified there as you write, where is the root for the path ?

  • Rajbir
    Rajbir Dataiker, Dataiku DSS Core Designer, Registered Posts: 1 Dataiker

    @Filip_Pejsa
    I confirmed with our field engineering team that the functionality is supported, and it will use the keys for the service account running DSS in $HOME/.ssh

    For more information, this documentation should answer your questions: https://doc.dataiku.com/dss/latest/connecting/scp-sftp.html?highlight=sftp#ssh-connection-parameters

  • Filip_Pejsa
    Filip_Pejsa Registered Posts: 11 ✭✭✭

    We have explained at Aur-18 Merck - Dataiku Field Engg. Office Hours that only a single SSH authentication per DSS instance is supported. For support of per connection SSH authentication setup, a feature request will be raised.

  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 2,046 Neuron

    You can always use a Shell Script recipe and pass custom SSH keys to the sftp command. BTW scp is way faster than sftp so you should probably use scp instead of sftp unless you need the extra functionality sftp has.

Setup Info
    Tags
      Help me…