The SSH/SFTP Tab - Server Management

Teradata Server Management Web Services User Guide

Product
Server Management
Release Number
12.03
Published
October 2016
Language
English (United States)
Last Update
2018-04-13
dita:mapPath
uxu1475712055651.ditamap
dita:ditavalPath
Generic_no_ie_no_tempfilter.ditaval
dita:id
B035-5350
lifecycle
previous
Product Category
Hardware
Software
The SSH/SFTP tab on the New Connection and New Address Book Entry dialog boxes allows you to specify options for SSH and SFTP connections. If you are connecting to a node, the SSH server must be enabled on the node before you can make an SSH connection or use SFTP. The options you set on the SSH/SFTP tab depend on how the SSH server is configured on the nodes.

Browse to the SSH/SFTP tab from the SMClient window: Select Tools > Client Connections Window, and then select Connection > New. Click the SSH/SFTP tab.

The following types of client authentication can be configured on the SSH server on the nodes:
  • Host-based authentication (by host)
  • Public key authentication (by user)
  • Password authentication (default)
  • Keyboard interactive authentication

    Allows for any authentication method that only requires keyboard input.

For more information about configuring SSH Server host and private key authentication on Linux nodes, see the OpenSSH documentation available online at http://www.openssh.org/.

Password authentication is used as the default until you use the Set Keys dialog box to specify the necessary keys for using host-based and public key authentication:

  • If a host key is specified, and the SSH server allows host-based authentication, then host-based authentication is attempted.
  • If no host key is specified, or if host-based authentication fails, and a user key is specified, and the SSH server allows public key authentication, then public key authentication is attempted.

    The Client Connections Window can be used to generate the host and user keys to be used with host-based and public key authentication.

  • If no user key is specified, or if public key authentication fails, and the SSH server allows password authentication, then password authentication is attempted.
  • If password authentication fails, and the SSH server allows keyboard interactive authentication, then keyboard interactive authentication is attempted.
  • If keyboard interactive authentication fails, an Authentication Failed message displays and the connection is closed.

Host-based authentication process when connecting to an SSH server

  1. The hosts file is checked to see if the server is trusted.
  2. If the server is not trusted a message states that the host is unknown.
  3. A message displays, asking if you trust the host.
    • If you enter No, the connection is closed.
    • If you enter Yes, the connection proceeds as usual.
    • If you enter Always, then the unknown host is added to the hosts file and you are no longer prompted about trust on subsequent connections to the same server.
Option Description
Default Username Specifies the name that is used to log on to the SMClient.
Set Keys Displays the Set Keys dialog box, which specifies the host and user keys to be used with the host-based and public key authentication.
  • Host Private Key File: Contains the location and name of the host private key file. To specify a host key for host-based authentication, use Browse to locate the appropriate file.
  • User Private Key File: Contains the location and name of the user private key file. To specify a user key for public key authentication, use Browse to locate the appropriate file.
  • User Key Passphrase: Specifies the password or string used to decrypt the user private key.
Tip: Use the Tools > Generate Key command in the Client Connection Window to generate host and user keys.
Hosts File Specifies the Name or IP address and public key of SSH servers that are trusted by the user. To specify the location of the Hosts File, use Browse to locate the file. The default folder name is .ssh, which is located under the userhome directory.
Algorithms Message Authentication and Encryption settings are for advanced users. For more information, see the SSH server documentation.
Local Home Directory This setting applies only to SFTP. SFTP is a protocol that uses the SSH communication protocol to transfer files securely across a network. To set a local directory, use Browse. The default is the local working directory, userhome.
Restore Defaults Resets the settings in the SSH/SFTP tab to their default values.
SSH Escape Character Specifies the character used to escape from the current interactive session. When you enter the escape character, a command prompt displays at the terminal. The command prompt allows you to enter commands to change the terminal emulation type. For more information, type help at the command prompt. When you finish, use the escape character to return to the interactive session.