Rally - On-premises: How to generate a PEM file for SFTP backups
Article ID: 130245
Updated On:
Products
CA Agile Central On Premise (Rally)
CA Agile Central SaaS (Rally)
Issue/Introduction
Version 2.0 of Rally on-premises introduces a new method for using remote SFTP backups. Instead of storing username and passwords, the appliance now stores a PEM file generated from the appliance that is stored on the SFTP server.
This article discusses the steps on generating that key pair, uploading it and configuring the backup settings in the appliance.
This article discusses the steps on generating that key pair, uploading it and configuring the backup settings in the appliance.
Environment
Release:
Component: ACPREM
Component: ACPREM
Resolution
SSH into the on-premises appliance
Run this command to generate a 2048 bit RSA key
Next we need to copy the key to the SFTP server. In this example, the SFTP server is 192.168.0.1, however yours will likely be different.
Output:
Next you'll want to test the accessibility with an SFTP command:
Output:
Run a pwd to ensure that the files are being uploaded where you expect. For example, in this configuration it is expected to see files being sent to the /upload directory.
Output:
The next step is to take the contents of the "rally" file and paste them into the Private Key PEM section in the Snapshot & Restore settings:
Run this command to generate a 2048 bit RSA key
$ ssh-keygen -t rsa -b 2048 -v
This will prompt you for a filename. Enter something simple and unique like "rally". There is no need to enter a password.
Output:Generating public/private rsa key pair. Enter file in which to save the key (/home/ops/.ssh/id_rsa): rally Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in rally. Your public key has been saved in rally.pub. The key fingerprint is: SHA256:a2JVkaY7V2VtCum+uP6pcsuxCYLSDmM3Di5lMBl3GWI [email protected] The key's randomart image is: +---[RSA 2048]----+ |XE=...ooooo | |&=o.. + | |oB o+.o . . | |. .. + o.= + . | | . =S* . | | o . =. | | o o | | ......... | | +=++. | +----[SHA256]-----+
Next we need to copy the key to the SFTP server. In this example, the SFTP server is 192.168.0.1, however yours will likely be different.
$ ssh-copy-id -i rally.pub [email protected]
Output:
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "rally.pub" The authenticity of host '192.168.0.1 (192.168.0.1)' can't be established. ECDSA key fingerprint is SHA256:ps0kmToFDj85quAVhRZhycd84KBnn1k7otGCQ30Senc. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added.
Next you'll want to test the accessibility with an SFTP command:
$ sftp -i rally [email protected]
Output:
Connected to 192.168.0.1. sftp>
Run a pwd to ensure that the files are being uploaded where you expect. For example, in this configuration it is expected to see files being sent to the /upload directory.
sftp> pwd
Output:
Remote working directory: /upload
The next step is to take the contents of the "rally" file and paste them into the Private Key PEM section in the Snapshot & Restore settings:
<Please see attached file for image>
Attachments
Feedback
Yes
No
Powered by
