000034322 - Allow SCP or SSH to another appliance without password prompt in RSA Netwitness

Document created by RSA Customer Support Employee on Nov 4, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000034322
Applies ToRSA Product Set: Netwitness for Logs/Packets
RSA Product/Service Type: SA Core Appliance
RSA Version/Condition: 10.4.x, 10.5.x, 10.6.x
IssueBy default, while trying to SCP or SSH from one appliance to another, it prompts for the password of the destination appliance. This can be an issue while trying to run a script which would automatically copy files from one appliance to another.
ResolutionTo fix this, generate ssh-key pairs so that the appliance trusts each other
The example below shows the steps to generate key on SA server and copy it to the Log Decoder so that SSH from SA to Log Decoder is trusted
[root@saserver2 log]# ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): # Hit Enter
Enter passphrase (empty for no passphrase): # Hit Enter
Enter same passphrase again: # Hit Enter
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.

Now copy this public key to the Log Decoder
[root@saserver2 log]# ssh-copy-id root@<Log Decoder IP>

Once complete, an SSH to the Log Decoder will not prompt for a password