Skip to main content

Scenario two: Target using an authentication key file and passphrase

This scenario is appropriate when importing a key pair from a signed certificate certified by a CA signing authority. It uses an authentication key file and a passphrase is used for the administrator password for authentication. The authentication key file is copied from the SSH server to the Bravura Security Fabric server.

  1. Use the ssh-keygen program on the operating system to create the public/private key pair:

    ssh-keygen -m pem -t rsa

  2. Choose a file name to save the key, for example, /root/.ssh/id_rsa_LINUX

  3. Enter a passphrase when prompted.

  4. Add the public key to the user's authorized_keys file; for example:

    cat ~/.ssh/id_rsa_LINUX.pub >> ~/.ssh/authorized_keys

  5. Copy the private key from the SSH server, for example from here:

    /root/.ssh/id_rsa_LINUX

    to the Bravura Security Fabric server in the script directory, for example here:

    <Program Files path>\Bravura Security\Bravura Security Fabric\<instance>\ script\id_rsa_LINUX.key

  6. Ensure that the Authentication method target address option is set to RSA .

  7. Set the Authentication key file target address option to the key file name, for example: id_rsa_LINUX.key

  8. Set the administrator id to the SSH user that was used to create the private key. Set the administrator passsword to the passphrase used for the SSH key.

In this section: