Setting Up Public-Key Authentication for SCP/SFTP Jobs
search cancel

Setting Up Public-Key Authentication for SCP/SFTP Jobs


Article ID: 10545


Updated On:


CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) Workload Automation Agent


This document provides an example for SCP job type/. There are no changes required in the agent configuration or an existing job definition that is already utilizing user/password authentication. It is simply a difference in what is defined in the autosys_secure utility.


Release: ATSYHA99000-11.3.6-Workload Automation AE-High Availability Option


In this example, job "test_sftp" is defined to perform an SFTP upload of a file called "test_sftp.txt" from the /tmp directory on machineA to the /tmp directory on machineB as user "autosys"...

/* ----------------- test_sftp ----------------- */

insert_job: test_sftp   job_type: SCP
machine: machineA
owner: autosys@machineA
scp_transfer_direction: UPLOAD
scp_server_name: machineB
scp_server_port: 22
scp_remote_dir: "/tmp"
scp_remote_name: "test_sftp.txt"
scp_local_name: "/tmp/test_sftp.txt"
scp_target_os: UNIX
scp_protocol: SFTP

In order for this job to run successfully with public-key authentication, you will need to store the key credentials for the job owner using the autosys_secure command. You will need to know the file path where the job owner's private-key is located on the agent machine where the job runs. In this example, the private key file is /home/autosys/.ssh/id_rsa.

Run "autosys_secure" and select the following options...

[5] Manage users.

[2] Manage users with key credentials.

[1] Create a user.

You will then be prompted for the necessary key credential information.

The first prompt will be for the user name. This should match the job owner...

Input the user name (or hit enter to cancel):  autosys

The next prompt will be for the host or domain. This should match the machine attribute of the job...

Enter user host or domain (or hit enter to cancel):  machineA

The next prompt asks you to create a new security code for this user and verify it. This can contain any alphanumeric characters. If a user wishes to modify this entry, they will be prompted to enter this security code..

Enter new security code:

Enter new security code again:

The next prompt asks for the type of key credential. For this particular functionality, you must select option '2'...

Enter type of key credential [1:Upload local key or 2:Use remote key] (or hit enter to cancel):  2

Next, you will be prompted for the location of the user's private key file on the agent machine...

Enter the key credential file path (or hit enter to cancel):  /home/autosys/.ssh/id_rsa

Finally, you will be prompted for the key's passphrase. If the key is created with no passphrase, just press enter to skip.

Enter new passphrase (or hit enter to skip):

CAUAJM_I_60135 User create successful.

Once this entry is added, you should then be able to successfully run the SCP job using public-key authentication.