Key Pair Authentication

1

Generate an Unencrypted or Encrypted Private Key

  • Unencrypted Private Key:

openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt

  • Encrypted Private Key:

openssl genrsa 2048 | openssl pkcs8 -topk8 -v2 des3 -inform PEM -out rsa_key.p8
2

Generate a Public Key 

openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub
3

Assign the public key to a Snowflake user

ALTER USER TELESKOPE_USER SET RSA_PUBLIC_KEY='MIIBIjANBgkqh...';

Exclude the public key delimiters in the SQL statement.

4

Verify the user’s public key fingerprint

  1. Retrieve the User's Public Key Fingerprint (In Snowflake) and note the output:

DESC USER TELESKOPE_USER
  ->> SELECT SUBSTR(
        (SELECT "value" FROM $1
           WHERE "property" = 'RSA_PUBLIC_KEY_FP'),
        LEN('SHA256:') + 1) AS key;

  1. Run the following command on command line: 

openssl rsa -pubin -in rsa_key.pub -outform DER | openssl dgst -sha256 -binary | openssl enc -base64

  1. Compare the outputs. If both outputs match, the user correctly configured their public key. Go back to the Enrollment step on the previous page to complete enrollment.

PreviousSnowflakeNextAzure

Last updated

Was this helpful?