on 06-14-2017 8:18 AM
Hi Experts,
In case of SAP HCI --> SFTP & SFTP --> SAP HCI connectivity, if the SFTP server supports User Name/Password based authentication then credentials & directory alone are enough to connect to SFTP server or do we need known_hosts file to deployed in HCI? Kindly help.
Thanks,
Ramu.
Hello Ramu,
Agree with Apu.
You can navigate to Deployed Artifacts in Eclipse Tooling ( Tab next to Message Monitoring ) and locate the known_host file,if it is already avaialbe download it and append your required keys.
If not available create a new file and save it to your desktop and follow the below to create the same.
Below will show you sample known_host entry.
how to get entry for known_host file:
Follow the below post it will guide how to generate keys using open SSH( make sure your firewall is not preventing you to access the target server)
https://answers.sap.com/questions/28265/hci-know-hosts-file.html?childToView=43251#answer-43251
Regards,
Sriprasad Shivaram Bhat
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Shivaram,
Thank you for your detailed explanation with snippets 🙂
But I could not see known_hosts file in the Deployed artifacts as well as Web UI also i.e, I mean known_hosts file is not present by default. Kindly guide me on the steps to create it like the file type[extension of the file] & the tools/softwares required to add the contents to that file?
Thanks,
Ramu
Yes you can add the SFTP server name and manually edit the known_hosts file.
To deploy the same you must have below role to your suser.
Either you must have adminstrator role or Node manager.deploysecuritycontent role.
To know more about roles and how to assign it to your user please refer sap hci help(clearly given in the help document)
Regards,
Sriprasad Shivaram Bhat
Hi Shivaram,
I did not to update known_hosts file in SAP HCI with Public Keys of SFTP server. I tried "Test Outbound Connection" after I have given host name & credentials and it throws below error:
Kindly let me know where to locate this "known_hosts" file in HCI. I should request for RSA public key right? after I get that I need to edit the known_hosts file with below format I hope " <SFTP host name> <Algorithm of key> < Public key> " . Please correct me If I am wrong.
Thanks,
Ramu.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ramu,
Yes, check security section in WEB UI for deployed artifacts. There you should have one file called Known_hosts. You need to export this from there, need to maintain internal IP and public key of the known_host using key explorer.
Sometimes, known_hosts file might not be there if it is not a trial version of HCI. On that case, you need to create a new one and deploy in your tenant.
Thanks,
Apu
Hi Apu,
I checked the security section & came to know that known_hosts file do not exist.
Can you please guide me on how to create known_hosts file i.e., type of the file like .txt etc., & contents of the file would be like "<SFTP server host name> <Algorithm name of public key> <Public key of SFTP server> " and should the contents be edited with help of key store explorer?
Thanks,
Ramu.
Hi Ramu, Sriprasad has already provided detail explanation on this I guess. Anyway, you can follow Learning 4 section of this blog of Bhavesh to create the txt file using any key generator tool- https://blogs.sap.com/2016/03/31/hci-deciphering-hci-keystore/
please let me know if you still face issue.
Thanks,
Apu
Hello Ramu,
Although you are using UserName/Password based authentication it is required to update known_hosts file in sap hci with Public Keys of SFTP server.
Regards,
Sriprasad Shivaram Bhat
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
HI Shivaram,
Once generated the SSH-RSA key and while deploying that key into HCI (WEB-UI), I am getting error message like as below.
Deploy artifact failed with error:
Deployment of content not possible Artifact Artifact[id=747f113d-8b2c-43a7-9ff9-e7f5961464b8, type=SSH_KNOWN_HOSTS, contentSize=372, description=null, tags=[]] of type SSH_KNOWN_HOSTS is not valid. Invalid Known Host entry. Not enough segments in line 1
Please help me on this.
Thanks.
Hello tshepo.mokgethi , Have you been able to solve this problem? I get same error :
Invalid Known Host entry. Not enough segments in line 1
thanks
User | Count |
---|---|
94 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.