BookmarkSubscribeRSS Feed
☑ This topic is solved. Need further help from the community? Please sign in and ask a new question.
RexDeus9
Quartz | Level 8

Hi,

I want to use the 'sas-viya' CLI tool with Viya 21-##-##. I've set the trusted certificate (copied from the sas-logon pod) and a valid sas user, I get 'Login failed. Bad userid or password'.

While trying the documented 'sas-viya --insecure auth login', which bypasses the TLS auth, I still can't connect.

 

Attached is the output I get using: sas-viya --insecure auth login --verbose

 

Any clues appreciated. Thx.

 

sas-viya-login-error.png

1 ACCEPTED SOLUTION

Accepted Solutions
RexDeus9
Quartz | Level 8

Thank you for the replies provided. I was able resolved the issue with the following:

 

sas-admin profile init

Enter: http://sasserver.demo.sas.com

*** RESET TOKEN ***

sas-admin --verbose --profile Default -k auth login

Enter <UserID>/<Password>

 

All is good!

View solution in original post

11 REPLIES 11
DavidHD
SAS Employee
Hi,

do you by chance have a URL special character in your password? If so please URL encode it and try to authenticate again.
RexDeus9
Quartz | Level 8

Hi David,

 

Thank you for such a quick reply. No, I don't have URL special character, it's the very common 'Orion123'. I don't understand why we are provided with the '-k' and '--insecure' arguments to bypass TLS, but it doesn't.

 

gwootton
SAS Super FREQ
How are you determining the --insecure, -k option is not bypassing TLS validation?

From your screenshot you've provided the URL as http not https, and --verbose should be before "auth login"
--
Greg Wootton | Principal Systems Technical Support Engineer
RexDeus9
Quartz | Level 8

Hi,

 

Yes thank you, I corrected the '--verbose' argument afterwards (did not update the screen shot), and still no luck.

 

Using '-k' (or --insecure) still ask you for the userid/password.

 

 

gwootton
SAS Super FREQ
Are you expecting it not to ask for your user ID and password? That should happen when you run auth login.
--
Greg Wootton | Principal Systems Technical Support Engineer
sangavis37
Obsidian | Level 7

This is what I normally do and it always works for me
export SSL_CERT_FILE=/opt/sas/viya/config/etc/SASSecurityCertificateFramework/cacerts/trustedcerts.pem
/opt/sas/viya/home/bin/sas-admin profile set-endpoint "<url>"
/opt/sas/viya/home/bin/sas-admin profile toggle-color off
/opt/sas/viya/home/bin/sas-admin profile set-output fulljson
/opt/sas/viya/home/bin/sas-admin auth login --user '<user>' --password '<password>'

RexDeus9
Quartz | Level 8

Hi,

 

Please read carefully, I'm using 'sas-viya' CLI tool, not 'sas-admin', which is intended for Viya 3.x, while 'sas-viya' is for Viya 21xx-xx and above.

 

Thank you.

 

 

gwootton
SAS Super FREQ
sas-viya and sas-admin work very similarly. If you have the certificate from sas-logon-app pod you can specify it in the environment variable SSL_CERT_FILE. The other commands mentioned are also valid with the sas-viya command.

Command-Line Interface: Preliminary Instructions
https://go.documentation.sas.com/doc/en/sasadmincdc/v_037/calcli/n1e2dehluji7jon1gk69yggc6i28.htm
--
Greg Wootton | Principal Systems Technical Support Engineer
doug_sas
SAS Employee

TLS/SSL is not your problem. Also, @sangavis37 's commands will work if you replace sas-admin with sas-viya.

Is the endpoint URL you are going to correct? http://sasserver.demo.sas.com does not exist according to my browser.

DavidHD
SAS Employee

The -k/--insecure mean that the certificate validation step is skipped.

 

I would suggest trying to ping the server (http://sasserver.demo.sas.com) from the command line and make sure that you get something in return.

 

Next try logging in using:

sas-viya -k auth login -u sas -p Orion123

RexDeus9
Quartz | Level 8

Thank you for the replies provided. I was able resolved the issue with the following:

 

sas-admin profile init

Enter: http://sasserver.demo.sas.com

*** RESET TOKEN ***

sas-admin --verbose --profile Default -k auth login

Enter <UserID>/<Password>

 

All is good!

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 11 replies
  • 4807 views
  • 0 likes
  • 5 in conversation