Enable SSH for the Database Agent

Note: For Linux hosts only: Applies only when Database Agent is running on a Linux host.

When the Database Agent is running on Linux and you want to monitor hardware, except to monitor the local host, authentication is required and a password is passed between the Database Agent and the database server.

Note: SSH port option: The SSH port option does not appear unless the Database Agent is running on Linux.
  1. On the agent machine, generate the rsa or dsa key as follows:

    • Generate rsa key:

      % ssh-keygen -b 1024 -f id_rsa -t rsa

    • Generate dsa key: 

      % ssh-keygen -b 1024 -f id_dsa -t dsa

    This will create a rsa or dsa 1024-bit key and put the keys into /home/<user_name>/.ssh/id_rsa and /home/<user_name>/.ssh/id_rsa.pub or /home/<user_name>/.ssh/id_dsa' and /home/<user_name>/.ssh/ida_dsa.pub' files. Do not change the names of these files.

  2. Copy the private key, /home/<user_name>/.ssh/id_rsa /home/<user_name>/.ssh/id_id_dsa into the <db-agent_home>/keys directory.
  3. On both the monitored machine and the agent machine, verify that you have the correct permissions on the .ssh directory or set .ssh directory permissions as follows: 
    % cd /home/<user_name>
% chmod 755 .ssh
  4. On the monitored machine, verify that you have a /home/<user_name>/.ssh/authorized_keys file. If you do not have this file, create the authorized_keys file on the monitored machine as follows: 
    % cd /home/<user_name>/.ssh
% touch .ssh/authorized_keys
  5. Verify that you have the correct permissions to the /home/<user_name>/.ssh/authorized_keys file or change the permissions as follows: 
    % cd /home/<user_name>/.ssh
% chmod 644 authorized_keys
  6. Append (do not copy) the file id_rsa.pub or the id_dsa.pub to the file, /home/<user_name>/.ssh/authorized_keys, such as follows:

    • Append rsa public key to authorized key: 

      % echo /home/<user_name>/.ssh/id_rsa.pub >> /home/<user_name>/.ssh/authorized_keys
    • Append dsa public key to authorized key:
      % echo /home/<user_name>/.ssh/id_dsa.pub >> /home/<user_name>/.ssh/authorized_keys
    The SSH port of the database Collector is set to 22 by default. You can change it by navigating to the Monitoring Hardware section of the Collector configuration dialog. In the dialog, set the SSH port to the port your require.
  7. Save your change to the Collector configuration and restart the Database Agent.

For Linux, Splunk AppDynamics also supports certificate-based authentication via Privacy Enhanced Mail (PEM). To implement certificate-based authentication:

  1. Enable the Use certificate option in the Monitoring hardware section of the Collector configuration dialog.
  2. Copy the PEM file to the <db_agent_home>/keys directory. Note, if the home/<user_home>/.ssh directory exists, the agent will use the certificate found there.
  3. Restart the agent.