File transfer from one system to another is one of the most important activities in any IT-enabled industry, and it is a highly required mechanism in Business Intelligence systems, for example when your data warehouse ETL has to read its source data as text or .csv files from upstream systems.
Here the files need to be transferred from the upstream systems to the ETL server. A few years ago the usual approach was to transfer the files using FTP (File Transfer Protocol), but once SFTP (Secured File Transfer) was conceptualized, awareness of password-less authentication and secure file transfer slowly spread. Since then FTP has been treated as vulnerable, and using the SFTP protocol has become the standard.
Here are the steps to set up SFTP and install the public key. Use the commands below, step by step.
- mkdir .ssh
- chmod 700 .ssh
- cd .ssh
- ssh-keygen -t rsa -b 1024
- It prompts for the private key; give the name as id_rsa
- Next it prompts for the public key; give the name as id_rsa_pub
- Create a file Authorized_Keys using the vi editor and add the target server key.
- Make sure that the key is added on a single line.
You might get the error below if port 22 is blocked.
Sun_SSH_1.1.4, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to sbh-esdb-tst1 [10.244.162.45] port 22.
debug1: connect to address 10.244.162.45 port 22: Connection refused
ssh: connect to host sbh-esdb-tst1 port 22: Connection refused
Connection closed
This is a known issue that appears only when there are inconsistent permissions or when the SFTP port 22 is blocked.
You can resolve the error by applying the suggestions below:
- Please have your Unix system admin open port 22 if it is not already open.
- Please make sure your .ssh directory has chmod 700 permissions.
- All the key files like id_rsa, id_dsa, rsa_pub, dsa_pub, Authorized_Keys should have chmod 600 permission.
- Remove the entry from the hosts file known_hosts
- Do sftp user_name@hostname
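The permission and single-line-key items in the checklist above can be verified with a script. This is an added example, not part of the original post; the function names and the directory argument are assumptions, and it accepts both the capitalisation used in the post and the lowercase `authorized_keys` file name that OpenSSH reads by default.

```shell
#!/bin/sh
# Added example: audit an SSH directory against the checklist above.
# Assumption: directory is given as $1 (default $HOME/.ssh); function names are ours.

# Octal mode of a path: GNU stat first, BSD stat as fallback.
perm_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Report every non-blank, non-comment line that lacks "<key-type> <base64>".
# A key pasted with a line break leaves such a fragment behind.
check_single_line_keys() {
    awk 'NF && $0 !~ /^#/ && $0 !~ /(ssh|ecdsa)-[^ ]+ AAAA/ {
             print "BAD " FILENAME " line " NR ": not a complete key entry"; bad = 1
         }
         END { exit bad + 0 }' "$1"
}

audit_ssh_dir() {
    dir=${1:-"$HOME/.ssh"}
    rc=0
    [ -d "$dir" ] || { echo "MISSING $dir"; return 2; }

    mode=$(perm_of "$dir")
    [ "$mode" = "700" ] || { echo "BAD $dir mode=$mode want=700"; rc=1; }

    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        case $name in
            id_*|*pub*|[Aa]uthorized_[Kk]eys)
                mode=$(perm_of "$f")
                [ "$mode" = "600" ] || { echo "BAD $f mode=$mode want=600"; rc=1; }
                ;;
        esac
        case $name in
            [Aa]uthorized_[Kk]eys) check_single_line_keys "$f" || rc=1 ;;
        esac
    done
    return $rc
}

# Run the audit when a directory is passed, e.g.: sh audit.sh ~/.ssh
if [ $# -gt 0 ]; then audit_ssh_dir "$1"; fi
```

The function prints one `BAD` line per finding and returns non-zero if anything deviates, so it can gate a scheduled transfer job.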
On a Linux (x86_64) machine, the firewall settings won't allow FTP by default unless your organization's policy allows FTP. It is always better to use the SFTP script you created, with logging enabled for it. If you're using SFTP, there is no point in using the FTP connection you created, because FTP uses a password and is not secure. SFTP doesn't use the password and it's a secured file transfer, so an SFTP script is the more robust option for file transfer.
You'll have to set up the SFTP connection between both the source and destination.
Hi Shiva,
Nice to see you become an Infa Admin after leaving PNC and am also glad that you started this blog. It is indeed a great training resource for new admins. Keep up the good work!!
Regarding this post...
3. All the keys like id_rsa, id_dsa, rsa_pub, dsa_pub, Authorized_Keys should be having chmod 600 permission not 644. This way it will be completely secure.
Hi Mohan -
Thanks for such a wonderful comment and suggestion.
Yes it's 600 ...
Many Thanks
Shivakumar