ORACLE-MFT
Setting up SFTP Transfers using Key-based Authentication
Kumar Gaurav
k10gaurav@gmail.com
Agenda
• Executive Overview
• Solution Approach
• Overview
• Task and Activity Details
• References
Executive Overview
• MFT supports file transfers via SFTP. MFT customers often receive a public key from their partners and want to use it to receive files via SFTP.
• MFT includes an embedded SFTP server. We will configure it with the supplied public key to receive files from remote partners. Upon receipt of a file, a simple MFT transfer will start and place the file in a pre-defined directory within the local filesystem.
Solution Approach
• Overview
• Task and Activity Details
1. Generate public-private key pair on the remote machine and copy the public key to
MFT server
2. Generate public-private key pair on the machine running MFT server
3. Import the private key from MFT machine in MFT keystore
4. Import the public key from partner machine in MFT keystore
5. Configure SFTP server with private key alias
6. Configure MFT users and corresponding SFTP directories to be used by remote
partners
7. Enter SSH-Keystore Password
8. Restart embedded SFTP Server
9. Create Embedded SFTP Source
10. Create File Target
11. Create a transfer using the above source and target
12. Deploy and Test
1. Generate public-private key pair - Remote Machine
Generate a public-private key pair on the remote machine and copy the public key to the MFT server.
To generate a private-public key pair, we use the command-line tool ssh-keygen. The tool creates two files, one for the private key and one for the public key. For this exercise, we use only the public key, copying it from here to the MFT machine. As a common practice, all the key files are saved in the $HOME/.ssh directory.
[slahiri@slc08vby .ssh]$ pwd
/home/slahiri/.ssh
[slahiri@slc08vby .ssh]$ ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/home/slahiri/.ssh/id_rsa): sftpslc
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in sftpslc.
Your public key has been saved in sftpslc.pub.
The key fingerprint is:
56:db:55:48:4c:db:c4:e1:8b:70:40:a8:bf:12:07:94 slahiri@slc08vby
The key's randomart image is:
+--[ RSA 2048]----+
| . oo +o++|
| E . . +=.|
| . . .. .o..|
| o . oo.. .|
| S . .. . |
| o o |
| o . |
| . . |
| . |
+-----------------+
[slahiri@slc08vby .ssh]$ ls
sftpslc sftpslc.pub
[slahiri@slc08vby .ssh]$ cat ~/.ssh/sftpslc.pub | ssh oracle@oel6vb "cat >> ~/.ssh/authorized_keys"
oracle@oel6vb's password:
[slahiri@slc08vby .ssh]$
2. Generate public-private key pair - machine running MFT server
Generate public-private key pair on the machine running MFT server
As shown in the previous step, ssh-keygen is used on the MFT machine to generate a key pair. From the pair
generated here, we will only be using the private key for our exercise. The session transcript is shown below.
[oracle@oel6vb .ssh]$ pwd
/home/oracle/.ssh
[oracle@oel6vb .ssh]$ ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa): sftpmft
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in sftpmft.
Your public key has been saved in sftpmft.pub.
The key fingerprint is:
36:a8:ac:a7:0c:bd:34:c9:bd:cd:1b:fe:05:a8:1d:47 oracle@oel6vb
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| E |
| + |
| + S |
| o + + + o |
|. * = o . |
| + +.= . . |
| =o. =o. |
+-----------------+
[oracle@oel6vb .ssh]$ ls
sftpmft sftpmft.pub
[oracle@oel6vb .ssh]$
3. Import the private key from MFT machine in MFT keystore
The private key from Step II is imported into MFT keystore using WLST utility. It must be noted that for MFT,
a different version of WLST is shipped and installed with the product. It is found in /mft/common/bin
directory. The version of WLST in this directory must be used. The WLST session should be connected to
the MFT Server port using an Administrative credential. A typical session transcript is shown below.
[oracle@oel6vb .ssh]$ cd /u01/oracle/SOAInstall/mft/common/bin
[oracle@oel6vb bin]$ ./wlst.sh
CLASSPATH=:/u01/oracle/SOAInstall/mft/modules/oracle.mft_12.1.3.0/core-12.1.1.0.jar
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
wls:/offline> connect("weblogic","welcome1","t3://localhost:7003")
Connecting to t3://localhost:7003 with userid weblogic ...
Successfully connected to managed Server "mft_server1" that belongs to domain "base_domain".
Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.
wls:/base_domain/serverConfig> importCSFKey('SSH', 'PRIVATE', 'MFTAlias', '/home/oracle/.ssh/sftpmft')
CSF key imported successfully.
wls:/base_domain/serverConfig> listCSFKeyAliases('SSH', 'PRIVATE')
Key Details
--------------------------------------------------------------------------
'MFTAlias', Format PKCS#8, RSA
4. Import the public key from partner machine in MFT keystore
The same WLST session can be used to import the public key copied over from the remote machine in Step I.
It must be noted that the public key alias used here should be the same as the userID that is to be used by
the remote SFTP client to connect to the embedded SFTP server. Transcript of a sample session is shown
below.
wls:/base_domain/serverConfig> importCSFKey('SSH', 'PUBLIC', 'MFT_AD', '/home/oracle/.ssh/authorized_keys')
CSF key imported successfully.
wls:/base_domain/serverConfig> listCSFKeyAliases('SSH', 'PUBLIC')
Key Details
--------------------------------------------------------------------------
'MFT_AD', Format X.509, RSA
wls:/base_domain/serverConfig> exit()
Exiting WebLogic Scripting Tool.
[oracle@oel6vb bin]$
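Step 1 appends the partner key to authorized_keys with >>, and step 4 imports that whole file under the partner's alias. The following check is an added example, not part of the original slides or of Oracle MFT: run on the MFT host before the import, it confirms that the file holds exactly one key of adequate size and reports its fingerprint in the colon-separated MD5 format shown in the ssh-keygen transcripts, so it can be compared with the value the partner sees. The function names, the 2048-bit threshold and the constructed sample keys are assumptions of the example.

```python
import base64
import hashlib
import struct

MIN_RSA_BITS = 2048  # assumption: same size the walkthrough passes to ssh-keygen -b
KNOWN_TYPES = {"ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-nistp256",
               "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}


def _read_string(blob, offset):
    """Read one length-prefixed field of the SSH wire format."""
    end = offset + 4
    if end > len(blob):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack(">I", blob[offset:end])
    if end + length > len(blob):
        raise ValueError("truncated key blob")
    return blob[end:end + length], end + length


def parse_key_line(line):
    """Describe the key on one OpenSSH public-key / authorized_keys line."""
    fields = line.split()
    idx = next((i for i, f in enumerate(fields) if f in KNOWN_TYPES), None)
    if idx is None or idx + 1 >= len(fields):
        raise ValueError("no recognisable public key")
    key_type = fields[idx]
    blob = base64.b64decode(fields[idx + 1], validate=True)
    embedded, offset = _read_string(blob, 0)
    if embedded != key_type.encode("ascii"):
        raise ValueError("key type label does not match key blob")
    bits = None
    if key_type == "ssh-rsa":
        _exponent, offset = _read_string(blob, offset)
        modulus, offset = _read_string(blob, offset)
        bits = int.from_bytes(modulus, "big").bit_length()
    md5_hex = hashlib.md5(blob).hexdigest()
    sha256 = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return {
        "type": key_type,
        "bits": bits,
        "has_options": idx > 0,  # text before the key type is a login-options prefix
        "comment": " ".join(fields[idx + 2:]),
        # Colon-separated MD5, the format shown in the ssh-keygen transcripts
        "md5": ":".join(md5_hex[i:i + 2] for i in range(0, 32, 2)),
        "sha256": "SHA256:" + sha256,  # format printed by current OpenSSH releases
    }


def check_partner_key_file(text, min_rsa_bits=MIN_RSA_BITS):
    """Return (ok, findings, keys) for the text of a file about to be imported."""
    findings, keys = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        try:
            keys.append(parse_key_line(line))
        except ValueError as exc:
            findings.append("line %d: %s" % (lineno, exc))
    if len(keys) != 1:
        findings.append("expected exactly one key, found %d" % len(keys))
    for key in keys:
        if key["has_options"]:
            findings.append("%s: line carries authorized_keys options" % key["md5"])
        if key["type"] == "ssh-rsa" and key["bits"] < min_rsa_bits:
            findings.append("%s: RSA key is only %d bits" % (key["md5"], key["bits"]))
        if key["type"] == "ssh-dss":
            findings.append("%s: DSA key" % key["md5"])
    return not findings, findings, keys


def constructed_rsa_line(bits, comment, seed=1):
    """Build a syntactically valid ssh-rsa line for the demo (not a usable key)."""
    def field(raw):
        return struct.pack(">I", len(raw)) + raw

    def mpint(value):
        return field(value.to_bytes((value.bit_length() + 8) // 8, "big"))

    modulus = (1 << (bits - 1)) | seed  # right bit length, not a real RSA modulus
    blob = field(b"ssh-rsa") + mpint(65537) + mpint(modulus)
    return "ssh-rsa %s %s" % (base64.b64encode(blob).decode(), comment)


if __name__ == "__main__":
    # Constructed sample input: one partner key, then a file that has grown a second key.
    partner = constructed_rsa_line(2048, "slahiri@slc08vby")
    other = constructed_rsa_line(1024, "someone@elsewhere", seed=3)
    for label, text in (("one key", partner + "\n"),
                        ("appended file", partner + "\n" + other + "\n")):
        ok, findings, keys = check_partner_key_file(text)
        print(label, "->", "OK to import" if ok else "do not import")
        for key in keys:
            print("  ", key["type"], key["bits"], key["md5"], key["comment"])
        for finding in findings:
            print("   !", finding)
```

To check a real file, pass its contents to check_partner_key_file(); on a host with a recent OpenSSH, `ssh-keygen -l -E md5 -f <file>` prints the same MD5 fingerprint.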
5. Configure SFTP server with private key alias
After logging in to the MFT UI, go to the Administration tab. Under Embedded Servers, go to the sFTP tab and complete the following:
• enable SFTP
• set Public Key as authenticationType
• set KeyAlias to the private key alias set during import in Step III
• save settings
6. Configure MFT users and corresponding SFTP directories
Now configure the MFT users and corresponding SFTP directories to be used by remote partners.
• From the MFT UI, under the Administration tab, configure the user and the SFTP root directory that will be used by the remote SFTP client session. Note that the userID will be the same as the public key alias used while importing the public key in Step IV. Sample screenshots for user and directory are shown below.
7. Enter SSH-Keystore Password
• From the MFT UI, go to the Administration tab and select the KeyStore node in the left navigator tree.
• Enter the password for SSH-Keystore as the same passphrase used during key pair generation on the local machine in Step II.
8. Restart embedded SFTP Server
• The embedded SFTP Server should be restarted for any embedded server related configuration changes to take effect. In case the SFTP server is not running, it can be started now.
This wraps up the administrative setup necessary for the exercise. The following sections are part of a simple MFT design process to create a source, target and transfer.
9. Create Embedded SFTP Source
• From the MFT UI, go to the Designer tab. Create an SFTP source pointing to the directory created in Step VI. Sample screenshot is shown below.
10. Create File Target
• For the sake of simplicity, a local file directory is chosen as the target. From the MFT UI, navigate to the Designer tab and create a target as shown below.
11. Create a transfer using the previous source and target
• From the Designer tab within the MFT UI, create a transfer using the source and target created in Steps IX and X. Sample screenshot is shown below.
12. Deploy and Test
• After deploying the transfer, we are ready to test the entire flow.
• We initiate the test by starting a simple command-line SFTP client on the remote machine (slc08vby) and connecting to the embedded SFTP server running within MFT. The userID is the one specified in Steps IV and VI (MFT_AD). The passphrase is the same as that used in generating the key pair on the remote machine during Step I.
• After the sftp session is established, we put a file into the SFTP root directory of the user on the MFT server machine, as specified in Step VI. The transcript from a sample SFTP client session is shown below.
[slahiri@slc08vby ~]$ cat ~/.ssh/config.sftp
Host 10.159.179.84
Port 7522
PasswordAuthentication no
User MFT_AD
IdentityFile /home/slahiri/sftpslc
[slahiri@slc08vby ~]$
[slahiri@slc08vby ~]$ sftp -F ~/.ssh/config.sftp oel6vb
Connecting to oel6vb...
Enter passphrase for key '/home/slahiri/sftpslc':
sftp> pwd
Remote working directory: /MFT_AD
sftp> put sftptest.txt
Uploading sftptest.txt to /MFT_AD/sftptest.txt
sftptest.txt 100% 24 0.0KB/s 00:00
sftp> quit
[slahiri@slc08vby ~]$
• After the SFTP operation is completed, the MFT transfer takes over. MFT picks up the file from the embedded SFTP source and places it in the directory within the local file system, defined as target. Example screenshot from Monitoring Tab of MFT UI is shown below.
• Finally, we verify that our test file is saved in the local directory specified as the target in Step X.
[oracle@oel6vb in]$ pwd
/home/oracle/in
[oracle@oel6vb in]$ ls
sftptest.txt
[oracle@oel6vb in]$
References
• The test case described here is one way to establish secure transfers with MFT. There are other use cases as well, which will be discussed in other articles of this blog series on MFT. For further details, please contact the MFT Product Management team or SOA/MFT group within A-Team.
• http://www.ateam-oracle.com/mft-setting-up-sftp-transfers-using-key-based-authentication/
Thank You!

multiple access in wireless communication
multiple access in wireless communicationmultiple access in wireless communication
multiple access in wireless communication
 
Engineering Drawing section of solid
Engineering Drawing     section of solidEngineering Drawing     section of solid
Engineering Drawing section of solid
 

Oracle Managed Files Transfer- Key based authentication

  • 1. ORACLE-MFT Setting up SFTP Transfers using Key-based Authentication Kumar Gaurav k10gaurav@gmail.com
  • 2. Agenda
      • Executive Overview
      • Solution Approach
          • Overview
          • Task and Activity Details
      • References
  • 3. Executive Overview
      • MFT supports file transfers via SFTP. Often MFT customers receive a public key from their partners and want to use it to receive files via SFTP.
      • MFT includes an embedded SFTP server. We will configure it with the supplied public key to receive files from remote partners. Upon receipt of a file, a simple MFT transfer will initiate and place the file in a pre-defined directory within the local filesystem.
  • 4. Solution Approach
      • Overview
      • Task and Activity Details
          1. Generate public-private key pair on the remote machine and copy the public key to MFT server
          2. Generate public-private key pair on the machine running MFT server
          3. Import the private key from MFT machine in MFT keystore
          4. Import the public key from partner machine in MFT keystore
          5. Configure SFTP server with private key alias
          6. Configure MFT users and corresponding SFTP directories to be used by remote partners
  • 5. Continue…
          7. Enter SSH-Keystore Password
          8. Restart embedded SFTP Server
          9. Create Embedded SFTP Source
          10. Create File Target
          11. Create a transfer using the above source and target
          12. Deploy and Test
  • 7. 1. Generate public-private key pair - Remote Machine
      Generate public-private key pair on the remote machine and copy the public key to MFT server.
      To generate a private-public key pair, we use the command-line tool ssh-keygen. The tool creates 2 files for private and public key. For our purposes in this exercise, we will only be using the public key by copying it to the MFT machine from here. As a common practice, all the key files are saved in $HOME/.ssh directory.
        [slahiri@slc08vby .ssh]$ pwd
        /home/slahiri/.ssh
        [slahiri@slc08vby .ssh]$ ssh-keygen -t rsa -b 2048
        Generating public/private rsa key pair.
        Enter file in which to save the key (/home/slahiri/.ssh/id_rsa): sftpslc
        Enter passphrase (empty for no passphrase):
        Enter same passphrase again:
        Your identification has been saved in sftpslc.
        Your public key has been saved in sftpslc.pub.
        The key fingerprint is:
        56:db:55:48:4c:db:c4:e1:8b:70:40:a8:bf:12:07:94 slahiri@slc08vby
        The key's randomart image is:
        +--[ RSA 2048]----+
        | . oo +o++|
        | E . . +=.|
        | . . .. .o..|
        | o . oo.. .|
        | S . .. . |
        | o o |
        | o . |
        | . . |
        | . |
        +-----------------+
        [slahiri@slc08vby .ssh] ls
        sftpslc sftpslc.pub
        [slahiri@slc08vby .ssh] cat ~/.ssh/sftpslc.pub | ssh oracle@oel6vb "cat >> ~/.ssh/authorized_keys"
        oracle@oel6vb's password:
        [slahiri@slc08vby .ssh]
  • 8. 2. Generate public-private key pair - machine running MFT server
      Generate public-private key pair on the machine running MFT server.
      As shown in the previous step, ssh-keygen is used on the MFT machine to generate a key pair. From the pair generated here, we will only be using the private key for our exercise. The session transcript is shown below.
        [oracle@oel6vb .ssh]$ pwd
        /home/oracle/.ssh
        [oracle@oel6vb .ssh]$ ssh-keygen -t rsa -b 2048
        Generating public/private rsa key pair.
        Enter file in which to save the key (/home/oracle/.ssh/id_rsa): sftpmft
        Enter passphrase (empty for no passphrase):
        Enter same passphrase again:
        Your identification has been saved in sftpmft.
        Your public key has been saved in sftpmft.pub.
        The key fingerprint is:
        36:a8:ac:a7:0c:bd:34:c9:bd:cd:1b:fe:05:a8:1d:47 oracle@oel6vb
        The key's randomart image is:
        +--[ RSA 2048]----+
        | |
        | |
        | E |
        | + |
        | + S |
        | o + + + o |
        |. * = o . |
        | + +.= . . |
        | =o. =o. |
        +-----------------+
        [oracle@oel6vb .ssh]$ ls
        sftpmft sftpmft.pub
        [oracle@oel6vb .ssh]$
  • 9. 3. Import the private key from MFT machine in MFT keystore
      The private key from Step II is imported into MFT keystore using WLST utility. It must be noted that for MFT, a different version of WLST is shipped and installed with the product. It is found in /mft/common/bin directory. The version of WLST in this directory must be used. The WLST session should be connected to the MFT Server port using an Administrative credential. A typical session transcript is shown below.
        [oracle@oel6vb .ssh]$ cd /u01/oracle/SOAInstall/mft/common/bin
        [oracle@oel6vb bin]$ ./wlst.sh
        CLASSPATH=:/u01/oracle/SOAInstall/mft/modules/oracle.mft_12.1.3.0/core-12.1.1.0.jar
        Initializing WebLogic Scripting Tool (WLST) ...
        Welcome to WebLogic Server Administration Scripting Shell
        Type help() for help on available commands
        wls:/offline> connect("weblogic","welcome1","t3://localhost:7003")
        Connecting to t3://localhost:7003 with userid weblogic ...
        Successfully connected to managed Server "mft_server1" that belongs to domain "base_domain".
        Warning: An insecure protocol was used to connect to the server. To ensure on-the-wire security, the SSL port or Admin port should be used instead.
        wls:/base_domain/serverConfig> importCSFKey('SSH', 'PRIVATE', 'MFTAlias', '/home/oracle/.ssh/sftpmft')
        CSF key imported successfully.
        wls:/base_domain/serverConfig> listCSFKeyAliases('SSH', 'PRIVATE')
        Key Details
        --------------------------------------------------
        'MFTAlias', Format PKCS#8, RSA
  • 10. 4. Import the public key from partner machine in MFT keystore
      The same WLST session can be used to import the public key copied over from the remote machine in Step I. It must be noted that the public key alias used here should be the same as the userID that is to be used by the remote SFTP client to connect to the embedded SFTP server. Transcript of a sample session is shown below.
        wls:/base_domain/serverConfig> importCSFKey('SSH', 'PUBLIC', 'MFT_AD', '/home/oracle/.ssh/authorized_keys')
        CSF key imported successfully.
        wls:/base_domain/serverConfig> listCSFKeyAliases('SSH', 'PUBLIC')
        Key Details
        --------------------------------------------------
        'MFT_AD', Format X.509, RSA
        wls:/base_domain/serverConfig> exit()
        Exiting WebLogic Scripting Tool.
        [oracle@oel6vb bin]$
  • 11. 5. Configure SFTP server with private key alias
      After logging in to MFT UI, go to Administration Tab. Under Embedded Servers, go to sFTP tab and complete the following:
      • enable SFTP
      • set Public Key as authenticationType
      • set KeyAlias to the private key alias set during import in Step III
      • save settings
  • 12. 6. Configure MFT users and corresponding SFTP directories
      Now configure MFT users and corresponding SFTP directories to be used by remote partners.
      • From MFT UI, under Administration Tab, configure the user and the SFTP root directory that will be used by the remote SFTP client session. Note that the userID will be the same as the Public Key Alias used while importing the public key in Step IV. Sample screenshots for user and directory are shown below.
  • 13. 7. Enter SSH-Keystore Password
      • From the MFT UI, go to Administration tab and select KeyStore node in the left navigator tree.
      • Enter the password for SSH-Keystore as the same passphrase used during key pair generation on local machine in Step II.
  • 14. 8. Restart embedded SFTP Server
      • The embedded SFTP Server should be restarted for any embedded server related configuration changes to take effect. In case the SFTP server is not running, it can be started now.
      This wraps up the administrative setup necessary for the exercise. The following sections are part of a simple MFT design process to create a source, target and transfer.
  • 15. 9. Create Embedded SFTP Source
      • From MFT UI, go to the Designer tab. Create a SFTP Source pointing to the directory created in Step VI. Sample screenshot is shown below.
  • 16. 10. Create File Target
      • For the sake of simplicity, a local file directory is chosen as the target directory. From the MFT UI, navigate to the Designer tab and create a target as shown below.
  • 17. 11. Create a transfer using the previous source and target
      • From the Designer tab within MFT UI, create a transfer using the source and target created in Steps IX and X. Sample screenshot is shown below.
  • 18. 12. Deploy and Test
      • After deploying the transfer, we are ready to test the entire flow.
      • We initiate the test by starting a simple, command-line SFTP client in the remote machine (slc08vby) and connecting to the embedded SFTP server running within MFT. The userID is the one specified in Step IV and VI (MFT_AD). The passphrase is the same as that used in generating the key pair in the remote machine during Step I.
      • After the sftp session is established, we put a file into the SFTP root directory of the user on MFT server machine, as specified in Step VI. The transcript from a sample SFTP client session is shown below.
        [slahiri@slc08vby ~]$ cat ~/.ssh/config.sftp
        Host 10.159.179.84
        Port 7522
        PasswordAuthentication no
        User MFT_AD
        IdentityFile /home/slahiri/sftpslc
        [slahiri@slc08vby ~]$
        [slahiri@slc08vby ~]$ sftp -F ~/.ssh/config.sftp oel6vb
        Connecting to oel6vb...
        Enter passphrase for key '/home/slahiri/sftpslc':
        sftp> pwd
        Remote working directory: /MFT_AD
        sftp> put sftptest.txt
        Uploading sftptest.txt to /MFT_AD/sftptest.txt
        sftptest.txt 100% 24 0.0KB/s 00:00
        sftp> quit
        [slahiri@slc08vby ~]$
  • 19. Continue…
      • After the SFTP operation is completed, the MFT transfer takes over. MFT picks up the file from the embedded SFTP source and places it in the directory within the local file system, defined as target. Example screenshot from Monitoring Tab of MFT UI is shown below.
  • 20. Continue…
      • Finally, we verify that our test file is saved in the local directory specified as the target in Step X.
        [oracle@oel6vb in]$ pwd
        /home/oracle/in
        [oracle@oel6vb in]$ ls
        sftptest.txt
        [oracle@oel6vb in]$
  • 21. References
      • The test case described here is one way to establish secure transfers with MFT. There are other use cases as well and will be discussed in other articles of this blog series on MFT. For further details, please contact the MFT Product Management team or SOA/MFT group within A-Team.
      • http://www.ateam-oracle.com/mft-setting-up-sftp-transfers-using-key-based-authentication/
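
Step 4 imports /home/oracle/.ssh/authorized_keys, a file that Step 1 appends to with >> and that can therefore hold more than one entry. The following added example (not part of the original slides or of Oracle MFT) checks that a candidate file holds exactly one plain ssh-rsa key of at least 2048 bits and computes its fingerprints, in the colon-separated MD5 form shown in the ssh-keygen transcripts above and in the SHA256 form newer OpenSSH prints, so the value can be compared with what the partner reports over a separate channel. The function names and the sample key are constructed for illustration.

```python
import base64
import hashlib
import struct

MIN_RSA_BITS = 2048  # key size used on the page: ssh-keygen -t rsa -b 2048

def read_string(blob, off):
    """Read one length-prefixed field of the SSH wire format (RFC 4251)."""
    end = off + 4 + int.from_bytes(blob[off:off + 4], "big")
    if off + 4 > len(blob) or end > len(blob):
        raise ValueError("truncated key blob")
    return blob[off + 4:end], end

def inspect_pubkey_file(text):
    """Accept only a file holding exactly one plain ssh-rsa key; return its details."""
    lines = [l for l in text.splitlines() if l.strip() and not l.startswith("#")]
    if len(lines) != 1:
        raise ValueError("expected exactly one key, found %d" % len(lines))
    fields = lines[0].split()
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        raise ValueError("not a plain ssh-rsa line (options or other key type)")
    blob = base64.b64decode(fields[1], validate=True)
    key_type, off = read_string(blob, 0)
    _exponent, off = read_string(blob, off)
    modulus, off = read_string(blob, off)
    if key_type != b"ssh-rsa" or off != len(blob):
        raise ValueError("malformed ssh-rsa blob")
    bits = int.from_bytes(modulus, "big").bit_length()
    if bits < MIN_RSA_BITS:
        raise ValueError("RSA modulus is only %d bits" % bits)
    md5_hex = hashlib.md5(blob).hexdigest()
    sha256 = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return {"bits": bits, "comment": " ".join(fields[2:]), "sha256": "SHA256:" + sha256,
            "md5": ":".join(md5_hex[i:i + 2] for i in range(0, 32, 2))}

def mpint(value):
    """Encode a positive integer as an SSH mpint (top bit kept clear)."""
    raw = value.to_bytes(value.bit_length() // 8 + 1, "big")
    return struct.pack(">I", len(raw)) + raw

def constructed_key_line(bits=2048, comment="partner@example"):
    """Constructed sample input: well-formed encoding, NOT a usable RSA key."""
    filler = hashlib.sha256(b"constructed sample").digest() * (bits // 256)
    modulus = int.from_bytes(filler, "big") | (1 << (bits - 1)) | 1
    blob = struct.pack(">I", 7) + b"ssh-rsa" + mpint(65537) + mpint(modulus)
    return "ssh-rsa %s %s" % (base64.b64encode(blob).decode(), comment)

if __name__ == "__main__":
    print(inspect_pubkey_file(constructed_key_line() + "\n"))
```

To check a real file, pass its contents to inspect_pubkey_file() and compare the returned fingerprint with the one printed on the partner's machine when the key was generated.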