SSH your SAP Cloud Platform CF app
—-
Update – March 12th 2018: The described procedure now results in “Permission denied” when running from Putty.
cf ssh [appname] still works, just remember to first call cf enable-ssh [app-name] and restart.
—-
Are you wondering what the devil is going on at other end after your CF PUSH? In my case, my app had a feature where files were stored on the server, and I wanted to take a look under the bonnit to see if it was doing the right thing. I still haven’t found a good way of doing this using the cockpit, therefore SSH could be a good option here.
As a sworn Windows user, I wanted to use PuTTY. You might have other SSH clients as your first choice – and my guess is that they work in the same manner and that you can reuse some of the steps below.
Short disclaimer: If you don’t know SSH you should consider stopping here. You can mess things up there, even without admin/sudo rights. Be warned.
The following walk-through will get you connected to your SAP Cloud Platform Cloud Foundry tenant. It assumes that you are familiar with deploying apps to the Cloud Foundry environment, and that you have the Cloud Foundry Command Line Interface (CLI) and PuTTY installed.
You should be logged on to your endpoint in a command line window and have your application deployed before you follow this approach.
- In your command line window, query your endpoint to get the correct domain name and port by using the following command.
cf curl /v2/info - Note the ssh endpoint and port:
- Then you want to get the guid of your application, this you get by running the following command:
cf app [name of your app] --guid - Note your guid, it will look something like this:
- Next thing, you need to generate a onetime authorization code for SSH. Run the command
cf ssh-code - Take a note of it, but remember that it could only be used once. It should look something like this:
- Now it’s time to put it all to work. The structure you are looking for to start PuTTY is the following:
putty -ssh -P [port] [app guid]/[domain endpoint] - In my case, it looks like this:
- This will open a nice PuTTY SSH window for you:
- This is where you enter the authorization code from step 6. Case sensitive. No echo – so do it correctly. If you get an “Access denied”, run step 6 again. The reward is sweet:
That’s it. Now, you can for instance check chmod, look at the files in your app (you will find that under the /app folder up top) or other useful stuff.
I’m not pretending to be a Linux guru, so my only advice is to be careful with what commands you execute here. Thanks for reading! I hope it was useful, and that you will share ssh tricks that are useful to others.
/simen
Twitter: https://twitter.com/simenhuuse
LinkedIn: https://www.linkedin.com/in/simenhuuse/
Hi Simen,
does this still work? I´m only getting the message "Permission denied, please try again."
Anton
Hi Anton,
Thanks for picking that up. I get the same - so probably they shut the valve somehow.
I will update the blog and hopefully there is an alternative.
Best,
Simen
Hello Simen,
Why dont you simply use command "cf ssh appname"?
Hi Erhan,
Thanks, yes - that works - thanks - will update!
Best regards ,
SImen
Hi Simen,
did that work for you?
I´m getting:
FAILED
Error opening SSH connection: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain
Best Regards,
Anton
After you have enabled the application for ssh you have to restart it to be able to open a terminal to it.
https://launchpad.support.sap.com/#/notes/0002585659