Public Key Authentication Configuration
This is an alternative security method to using passwords. To use public key authentication, you must generate a public and a private key, also known as a key pair. The public key is stored on the remote hosts where accounts reside. The private key is saved on the computer you use to connect to those remote hosts. This method allows you to log into those remote hosts and transfer files to them without using account passwords.
Perform the following configuration steps to make the UNIX computer the server and the IdentityIQ computer the client:
- Generate Private and Public keys.
  For more information on the standard steps, refer to Test connection fails for SUSE Linux in the Troubleshooting section.
- Append the contents of the public key file to ~/.ssh/authorized_keys as follows:
  cat <public key file> >> ~/.ssh/authorized_keys
- The ~/.ssh/authorized_keys file must have read, write, and execute permissions in -rw-r--r-- format. Enter the following command to set the -rw-r--r-- format permissions:
  chmod 0644 ~/.ssh/authorized_keys
- Copy the private key file to a location accessible by the server.
- Provide the path of the private key file in application configuration.
Note
When generating public keys, if a permission-related issue occurs, use the following command from the user home directory (this overrides SELinux policies):
chcon -t ssh_home_t .ssh
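
The append and permission steps above as a re-runnable script, added here as an example and not part of the original documentation: it appends the key only when it is missing, sets 0644, and verifies the resulting -rw-r--r-- mode. The function names, the private-key guard and the directory write check are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# Print the 10-character mode string of a path, e.g. -rw-r--r--
mode_string() {
    ls -ld "$1" | cut -c1-10
}

# install_pubkey PUBKEY_FILE SSH_DIR
# Append each key line only if it is not already present, then set 0644.
install_pubkey() {
    pub=$1
    dir=$2
    auth=$dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }
    # Guard (assumption of this example): refuse a private key passed by mistake.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub looks like a private key, not a public key" >&2
        return 2
    fi

    mkdir -p -m 0700 "$dir" || return 1
    touch "$auth" || return 1

    # -F fixed string, -x whole line: a second run adds nothing.
    while IFS= read -r line || [ -n "$line" ]; do
        [ -n "$line" ] || continue
        grep -qxF -e "$line" "$auth" || printf '%s\n' "$line" >> "$auth"
    done < "$pub"

    chmod 0644 "$auth"
}

# check_key_perms SSH_DIR
# Succeeds only if authorized_keys is -rw-r--r-- and SSH_DIR is not writable
# by group or others (sshd's StrictModes rejects keys in that case).
check_key_perms() {
    [ "$(mode_string "$1/authorized_keys")" = "-rw-r--r--" ] || return 1
    case $(mode_string "$1") in
        d????w????|d???????w?) return 1 ;;
    esac
    return 0
}

# Usage: install_pubkey <public key file> "$HOME/.ssh" && check_key_perms "$HOME/.ssh"
```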