SSH-KEYGEN Password Less Entry Setup to connect from one server to another server without Password

Once I had a requirement to copy some files from APP sever to DB server of same instance on regular intervals. We can achieve this by writing a small host program to connect to DB sever through FTP or SFTP and transfer files but this would require DB server login user name and password. We can hardcode the user name in the shell script but its not suggestible to hardcode password for obvious security reasons, we can store the password in lookup or a profile option but even this is not suggestible from security point of view. So I’ve decided to use the approach of Password less SSH Connection.

Here in this article I will show how to setup Password less SSH Connection.

Lets consider Apps server as ‘Source Server‘ and DB Server as ‘Destination Server

Here in this example server 005 is APP Server and 006 is DB server

Step 1
Connect to APP Server(005) and change to super user mode and execute below command

ssh-keygen -t rsa

Note: Do not enter file name and password when prompted

You can observe that this command creates a key under a directory .ssh

Step 2
Connect to DB Server(006) with any user name through which you want to connect and create a directory ‘.ssh‘ and create an empty file ‘authorized_keys’ in .ssh directory.

I couldn’t find a way to create a directory ‘.ssh’ so ran the SSH key gen command which creats ‘.ssh’ directory and then deleted all the files in ‘.ssh’ directory.

ssh-keygen -t rsa
cd ~/.ssh
rm *
touch authorized_keys

Step 3
Connect back to APP server in super user mode and execute below command to copy ssh key to Destination DB server

cat ~/.ssh/id_rsa.pub | ssh DBHostUsername@DBHost006 'cat >> .ssh/authorized_keys && echo "Key Copied"

Step 4
Connect to DB Server and check if keys are copied

cd ~/.ssh
cat authorized_keys

Step 5
Connect to APP server in super user mode and test password less entry by executing below command, it will not ask password

sfpt DBHostUsername@DBHost006

after doing all these setups you can use the command in Step 5 in any shell script to connect without password

Thanks to Tommy’s blog for helping me in creating ssh-keygen

Do drop a comment if you have questions on implementing this.


For Further Reading

  1. Use $TWO_TASK environment variable to connect to Oracle Database from Unix
  2. [Decrypting User Password]How to find password of a User in Oracle Apps R12?
  3. PL/SQL Script to Reset User Password from Backend
  4. DB Link in Oracle SQL
  5. Error(X,X): class xx.oracle.apps.fnd.emp.schema.server.XXEmpSearchEOImpl should be declared abstract; it does not define method setLastUpdateLogin(oracle.jbo.domain.Number) of class oracle.apps.fnd.framework.server.OAEntityImpl
Tags:
OracleAppsDNA.com