TIBCO LogLogic LMI - How to create a password-less connection between two appliances
Article ID: KB0073282
Updated On:
| Products | Versions |
|---|---|
| TIBCO LogLogic Enterprise Virtual Appliance | 6.1.0 and higher |
Description
Password-less connection is a key feature that is often used in LMI to access a remote server for a High Availability setup or to collect files by pulling them via scp/sftp from a remote server. This is only possible if remote password-less access is granted to a specific username.
TIBCO LogLogic Management Intelligence provides a feature in root console to generate and copy the LMI public key to a remote server so that LMI can login to that server password-less and pull files from a given path/folder.
Resolution
To achieve this we can leverage one command available in root console:
To generate public keys and copy them to the remote server, just type 'c' (w/o quotes) . Thereafter you will be requested to provide the remote username and password to access remote server. The generated keys will be copied to username home folder. I.e:
Next step is to login to the remote server to copy the first key (LOGLOGICPUBKEY_id_rsa.pub) to the ~/.ssh/authorized_keys using below command:
That should be it! You can confirm password-less access by running below command on root console:
This time use the 't' option to confirm you can access the remote server password-less. Alternatively, you can run below command to confirm password-less access to the remote server:
> system keycopy This command should be done in two steps. First, [c]opy the appliance's public key to the SSH server's correct place like ~/.ssh/authorized_keys depends on the SSH server. Secondly, to make sure the setup is correct run it one more time in the [t]est mode. If this test is able to exchange a test file without asking for a password and runs without errors then the SSH setup is successful. Do you want to [c]opy or [t]est the key:
To generate public keys and copy them to the remote server, just type 'c' (w/o quotes) . Thereafter you will be requested to provide the remote username and password to access remote server. The generated keys will be copied to username home folder. I.e:
[jorgem@jmubuntuserver ~]$ ls *.pub LOGLOGICPUBKEY_id_rsa.pub LOGLOGICPUBKEY_SECSH_id_rsa.pub
Next step is to login to the remote server to copy the first key (LOGLOGICPUBKEY_id_rsa.pub) to the ~/.ssh/authorized_keys using below command:
[jorgem@jmubuntuserver ~]$ cat ~/LOGLOGICPUBKEY_id_rsa.pub ~/.ssh/authorized_keys
That should be it! You can confirm password-less access by running below command on root console:
> system keycopy This command should be done in two steps. First, [c]opy the appliance's public key to the SSH server's correct place like ~/.ssh/authorized_keys depends on the SSH server. Secondly, to make sure the setup is correct run it one more time in the [t]est mode. If this test is able to exchange a test file without asking for a password and runs without errors then the SSH setup is successful. Do you want to [c]opy or [t]est the key:
This time use the 't' option to confirm you can access the remote server password-less. Alternatively, you can run below command to confirm password-less access to the remote server:
# ssh <remote_username>@<remote_ip>
Issue/Introduction
This article explains how how to configure LMI to access to a remote server password-less.
Feedback
Yes
No
Powered by
