Skip to Main Content U.S. Department of Energy

Generating SSH keys with MIF

In order to use many of the remote features of MIF, such as the DataMoverModule and ExternalCommandModule, it is necessary to setup the security requirements for authentication. Specifically, SSH keys are used to provide autonomous authentication with no need for user input.

This document demonstrates:

- How to generate the SSH keys used for authenticating the MIF components with remote computers.

Setup SSH keys

- First, in a console, navigate to MIF_HOME. Then generate the keys through MIF's built-in key generator (works on all platforms):

For example on UNIX platforms, the command is

mif.sh -c gov.pnnl.mif.api.tools.SshKeyGenerator -a rsa,<path/to/ssh/key/dir>/id_rsa,mif-generated-key

- Take all of the defaults (no “passphrase” needed – click “OK” with nothing in the passphrase box).

- Append the id_rsa.pub key to the end of the ~/.ssh/authorized_keys file on the remote machine. This will require you to manually connect to the remote machine (most likely via ssh) and ensure that the ~/.ssh/authorized_keys file exists (if not, create one) and then paste the generated public key into the file. The public key is stored in the file:

<path/to/ssh/key/dir>/id_rsa.pub

Conclusion

After the SSH keys have been configured, the keys can be referenced when using a MifUri by call the setSshDirectory() method to specify where MIF should look for the SSH keys when trying to connect to a remote server.

 
generating_ssh_keys.txt · Last modified: 2010/05/28 16:38 by adamw