Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

SFTP Authentication Process with Saviynt EIC

aarthianand93
New Contributor II
New Contributor II

Hi Team,

We see there are three mechanisms for Authentication which are supported in Saviynt:

  • PASSWORD

  • SSH_KEY

  • PEM_KEY_FILE

We need to understand the authentication process using PEM file and how it happens at the backend between Saviynt EIC and SFTP server. (step by step process)

We are performing integration between SFTP and Saviynt EIC. Please let us know if this possible through certificate based authentication as client is looking for this. Please let us know if this is supported. 

Regards,

Aarthi A

 

1 REPLY 1

rushikeshvartak
All-Star
All-Star

Here's a step-by-step overview of how certificate-based authentication using PEM files works between Saviynt EIC (Enterprise Integration Connector) and an SFTP server:

  1. Generate Key Pair: The first step is to generate a key pair (public and private key) using a tool like OpenSSL or other key management tools. This generates a PEM file containing the private key and another PEM file containing the public key.

  2. Configure SFTP Server: The public key from the key pair needs to be added to the SFTP server's authorized_keys file. This tells the server to accept connections from clients presenting this specific public key for authentication.

  3. Configure Saviynt EIC: In the Saviynt EIC configuration, you'll need to specify the location of the PEM file containing the private key. This is typically done in the connection settings or authentication settings of the Saviynt EIC.

  4. Connection Establishment: When Saviynt EIC attempts to establish a connection with the SFTP server, it presents the private key from the PEM file to the server during the authentication process.

  5. Server Authentication: The SFTP server verifies the authenticity of the client (Saviynt EIC) by checking if the presented public key matches any of the keys listed in its authorized_keys file.

  6. Access Granting: If the server verifies the client successfully (i.e., the public key matches), it grants access to the Saviynt EIC to perform the requested operations (such as uploading, downloading files).

Certificate-based authentication using PEM files offers a secure and efficient way to authenticate clients to servers. It eliminates the need for passwords and provides a robust mechanism for ensuring the identity of the connecting client.

 

rushikeshvartak_0-1714712229261.png

 

 

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.