search

Key Pair Authentication

1

hashtag
Generate an Unencrypted or Encrypted Private Key

  • Unencrypted Private Key:

openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt

  • Encrypted Private Key:

openssl genrsa 2048 | openssl pkcs8 -topk8 -v2 des3 -inform PEM -out rsa_key.p8
2

hashtag
Generate a Public Key 

openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub
3

hashtag
Assign the public key to a Snowflake user

ALTER USER TELESKOPE_USER SET RSA_PUBLIC_KEY='MIIBIjANBgkqh...';
circle-info

Exclude the public key delimiters in the SQL statement.

4

hashtag
Verify the user’s public key fingerprint

  1. Retrieve the User's Public Key Fingerprint (In Snowflake) and note the output:

DESC USER TELESKOPE_USER
  ->> SELECT SUBSTR(
        (SELECT "value" FROM $1
           WHERE "property" = 'RSA_PUBLIC_KEY_FP'),
        LEN('SHA256:') + 1) AS key;

  1. Run the following command on command line: 

openssl rsa -pubin -in rsa_key.pub -outform DER | openssl dgst -sha256 -binary | openssl enc -base64

  1. Compare the outputs. If both outputs match, the user correctly configured their public key. Go back to the Enrollment step on the previous page to complete enrollment.

PreviousSnowflakeNextZendesk

Last updated

Was this helpful?