Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSH into CloudFoundry - Trouble?

Benny
Product and Topic Expert
Product and Topic Expert
‎09-12-2018 11:41 AM
As you might know it is possible to SSH into a CloudFoundry container (meaning to have a terminal connection into it in case Linux is not your first home...). BUT there are obstacles. I am not aware if this is just an awkward handling of things or even a bug. However, I know that at least three people spend hours to find out what's the problem (and I'm sure there are loads more of them).

SSH into CF, in theory


Once you have installed the command line interface for Cloudfoundry (CF CLI) it is easy for you to access a lot of useful stuff which is described in the CloudFoundry manuals

One of them is the ssh command. But before it works you need to enable it with

cf enable-ssh myapp

You need to understand that the application and also your space has to be ssh enabled. the latter usually is, the app is not. In fact it looks like it automatically switches off the enabling after a while (and that might be the change that caused a lot of head scratching).

All the details about ssh command can be found in Application SSH Overview.

SSH into CF, reality


Now, even if you have done all of this you might experience this:

C:\Users\d034365>cf ssh myapp
FAILED
Error opening SSH connection: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain

You are exactly at the point where I got some more gray hair and had to find out the hard way that enabling ssh is not enough. Because what you need to do after enabling is to restart your app!

C:\Users\d034365>cf restart myapp
Restarting app myapp in org A-Team_shared / space 06_Wukla as benny.schaich-lebek@sap.com...

Stopping app...

Waiting for app to start...

name: myapp
requested state: started
instances: 1/1
usage: 1G x 1 instances
routes: xxxxxxxx.cfapps.eu10.hana.ondemand.com, xxxxx.cfapps.eu10.hana.ondemand.com
last uploaded: Wed 12 Sep 08:39:43 CEST 2018
stack: cflinuxfs2
docker image: xxxxx/dev:sap_0.1.8
start command: /home/xxxxxxx/app/entrypoint.sh /bin/bash start.sh

state since cpu memory disk details
#0 running 2018-09-12T08:27:06Z 38.3% 138.3M of 1G 1.8G of 4G

C:\Users\d034365>cf ssh-enabled myapp
ssh support is enabled for 'myapp'

 

Only now you can do the ssh command:

C:\Users\d034365>cf ssh myapp
root@xxxx-xxxx-xxxx-xxxx:~#

And suddenly you are in the arms of Linux.

There is more possible. For example port forwarding so you can use your favorite tools, but others have described this already, so I just link there at the end of this blog entry.

I did not yet find out why this has been changed to a more complicated way (at least I assume it was a change as others did not mention it in their blogs) but have an imagination that there is some security issue behind that -as usual.

Hope this helps!

 

Others describing more details:

SSH your SAP Cloud Platform CF app


Very in detail:

How to use an SSH tunnel with SCP Cloud Foundry backing-service


 

Update:


This can be also found in SAP notes: https://launchpad.support.sap.com/#/notes/2585659
5 Comments
Labels in this area
Popular Blog Posts