SSH access is individual and requires the use of a SSH keys. Password authentication is not possible.
An SSH key is required to connect to your environment and also to have access to the Enterprise Edition repository. It’s recommended to use the same SSH key for both accesses for a given user.
- Learn how to generate a new SSH key and add it to your SSH agent on GitHub Help Center.
- Learn how to authorize your SSH key to access your environment by visiting Akeneo Help Center.
Always use akeneo as the user to connect to your server. It is an unprivilege user with limited access to system operations.
No dedicated account will be created and no root access will be authorized. Privilege escalation is possible for specific tasks.
ssh -A email@example.com akeneo@my-project-staging:~$ pwd # output: /home/akeneo
Using -A will forward your SSH agent to the server and allow you to access the Akeneo Entreprise repository once connected.
Error: Permission Denied¶
ssh -A firstname.lastname@example.org email@example.com: Permission denied (publickey).
Your SSH key is not allowed on the server and/or the user is not correct. Specify the private key to use with:
ssh -A firstname.lastname@example.org -i /path/to/private_key
If the connection is not successful, make sure your key is registered on Akeneo Portal and is marked as activated. If the connection is successful, it means your identity has not been properly registered to your SSH agent.
eval "$(ssh-agent -s)" ssh-add /path/to/private_key
Error: Connection refused¶
ssh -A email@example.com ssh: connect to host firstname.lastname@example.org port 22: Connection refused
Something prevents the connection from being established, it can mean that:
- you have a firewall that blocks the port 22 or SSH protocol. Contact your administrator to check for such restrictions.
- your IP adress is not allowed to connect. IP access ranges have to be explicitely allowed through the Portal.
- if none of the above apply, please contact us.
SSH File Transfer Protocol (SFTP)¶
This access can only be granted upon request, after a Cloud ticket has been created through the helpdesk. Please allow some time for our Team to create the access for you.
You can request several SFTP accesses, and each one has its own credentials that can be shared. Those credentials are independent from SSH key accesses. IP access restrictions apply to SFTP as well as to SSH.
Each SFTP access can access one folder that is also accessible by the user akeneo, so it can be used by scripts you’d create to interact with the PIM.
sftp email@example.com firstname.lastname@example.org's password: Connected to email@example.com. sftp>
You can also use tools such as Filezilla or any SFTP client.
Files Permissions for SFTP¶
If akeneo, as an SSH user or as a PIM process, creates files in the SFTP sub-directories, permissions have to be set so that SFTP users can rename or delete them.
$ chmod u=rwX,g=rwXs,o= /data/transfert/pim/*
Copy data from one instance to another¶
User wants to transfer a SQL dump file from production instance their staging instance:
- User connects with SSH and forwards their local ssh-agent towards
> project.akeneo.cloud.com, and runs scp command towards
👨💼 💻 ──────> 🔑 ──────> 🖥 ────── 🔑 ──────> 📂 ──────> 🖥
- Get SSH key access to both intances for akeneo user.
- Get network access to instances.
eval `ssh-agent` ssh-add ~/.ssh/id_rsa ssh -tA firstname.lastname@example.org scp dump.sql akeneo@project:dump.sql
On the SCP command, please note that no domain is specified.
Use the short host name of instance. Connect to the target server and run hostname to get this value.
Found a typo or a hole in the documentation and feel like contributing?
Join us on Github!