Environment accesses¶
SSH¶
SSH access is individual and requires the use of SSH keys. Password authentication is not possible.
Note
An SSH key is required to connect to your environment and also to have access to the Enterprise Edition repository. It’s recommended to use the same SSH key for both accesses for a given user.
Connection¶
Learn how to generate a new SSH key and add it to your SSH agent on GitHub Help Center.
Learn how to authorize your SSH key to access your environment by visiting Akeneo Help Center.
Always use akeneo as the user to connect to your server. It is a user with limited access to system operations.
Warning
No dedicated account will be created and no root access will be authorized. Privilege escalation is possible for specific tasks.
ssh -A akeneo@my-project-staging.cloud.akeneo.com
akeneo@my-project-staging:~$ pwd
# output: /home/akeneo
Note
Using -A will forward your SSH agent to the server and allow you to access the Akeneo Entreprise repository once connected.
Troubleshooting¶
Error: Permission Denied¶
ssh -A akeneo@my-project-staging.cloud.akeneo.com
akeneo@my-project-staging.cloud.akeneo.com: Permission denied (publickey).
Your SSH key is not allowed on the server and/or the user is not correct. Specify the private key to use with:
ssh -A akeneo@my-project-staging.cloud.akeneo.com -i /path/to/private_key
If the connection is not successful, make sure your key is registered on Akeneo Portal and is marked as activated. If the connection is successful, it means your identity has not been properly registered to your SSH agent.
# To add your key to ssh-agent
eval "$(ssh-agent -s)"
ssh-add /path/to/private_key
Error: Connection refused¶
ssh -A akeneo@my-project-staging.cloud.akeneo.com
ssh: connect to host akeneo@my-project-staging.cloud.akeneo.com port 22: Connection refused
Something prevents the connection from being established, it can mean that:
you have a firewall that blocks port 22 or SSH protocol. Contact your administrator to check for such restrictions.
your IP address is not allowed to connect. IP access ranges have to be explicitly allowed through the Portal.
if none of the above apply, please contact us.
SSH File Transfer Protocol (SFTP)¶
This access can only be granted upon request, you must submit a ticket through the helpdesk. Please allow some time for our team to create the access for you.
Note
You can request several SFTP accesses, and each one has its own credentials that can be shared. Those credentials are independent from SSH key accesses. IP access restrictions apply to SFTP as well as to SSH.
Each SFTP access can access one folder that is also accessible by the user akeneo.
sftp akeneosftp@my-project-staging.cloud.akeneo.com
akeneosftp@y-project-staging.cloud.akeneo.com's password:
Connected to akeneosftp@my-project-staging.cloud.akeneo.com.
sftp>
You can also use tools such as Filezilla or any SFTP client.
Files Permissions for SFTP¶
Files created by akeneo user in the SFTP sub-directories, can be modified by SFTP users.
$ chmod u=rwX,g=rwXs,o= /data/transfert/pim/*
Data Transfer Between Instances¶
Copy data from one instance to another¶
Instances within the same projects (ex: production and staging instances) share an internal network that allows them to transfer data between them.
Scenario:
A user wants to transfer a backup of the database from the production instance to the staging instance:
Note
- User connects with SSH and forwards their local ssh-agent towards
> project.akeneo.cloud.com, and runs scp command towards
> project-staging.akeneo.cloud.com
👨💼 💻 ──────> 🔑 ──────> 🖥 ────── 🔑 ──────> 📂 ──────> 🖥
Prerequisites:
Get SSH key access to both instances for akeneo user.
Get network access to instances.
Usage:
eval `ssh-agent`
ssh-add ~/.ssh/id_rsa
ssh -tA akeneo@project-staging.cloud.akeneo.com
scp database_backup.sql akeneo@project:database_backup.sql
Warning
On the SCP command, please note that no domain is specified.
Use the short hostname of the instance, you can find this value by connect to the target instance and run hostname to get this value.
Found a typo or a hole in the documentation and feel like contributing?
Join us on Github!