BookmarkSubscribeRSS Feed
☑ This topic is solved. Need further help from the community? Please sign in and ask a new question.
RexDeus9
Quartz | Level 8

Hi,

I want to use the 'sas-viya' CLI tool with Viya 21-##-##. I've set the trusted certificate (copied from the sas-logon pod) and a valid sas user, I get 'Login failed. Bad userid or password'.

While trying the documented 'sas-viya --insecure auth login', which bypasses the TLS auth, I still can't connect.

 

Attached is the output I get using: sas-viya --insecure auth login --verbose

 

Any clues appreciated. Thx.

 

sas-viya-login-error.png

1 ACCEPTED SOLUTION

Accepted Solutions
RexDeus9
Quartz | Level 8

Thank you for the replies provided. I was able resolved the issue with the following:

 

sas-admin profile init

Enter: http://sasserver.demo.sas.com

*** RESET TOKEN ***

sas-admin --verbose --profile Default -k auth login

Enter <UserID>/<Password>

 

All is good!

View solution in original post

11 REPLIES 11
DavidHD
SAS Employee
Hi,

do you by chance have a URL special character in your password? If so please URL encode it and try to authenticate again.
RexDeus9
Quartz | Level 8

Hi David,

 

Thank you for such a quick reply. No, I don't have URL special character, it's the very common 'Orion123'. I don't understand why we are provided with the '-k' and '--insecure' arguments to bypass TLS, but it doesn't.

 

gwootton
SAS Super FREQ
How are you determining the --insecure, -k option is not bypassing TLS validation?

From your screenshot you've provided the URL as http not https, and --verbose should be before "auth login"
--
Greg Wootton | Principal Systems Technical Support Engineer
RexDeus9
Quartz | Level 8

Hi,

 

Yes thank you, I corrected the '--verbose' argument afterwards (did not update the screen shot), and still no luck.

 

Using '-k' (or --insecure) still ask you for the userid/password.

 

 

gwootton
SAS Super FREQ
Are you expecting it not to ask for your user ID and password? That should happen when you run auth login.
--
Greg Wootton | Principal Systems Technical Support Engineer
sangavis37
Obsidian | Level 7

This is what I normally do and it always works for me
export SSL_CERT_FILE=/opt/sas/viya/config/etc/SASSecurityCertificateFramework/cacerts/trustedcerts.pem
/opt/sas/viya/home/bin/sas-admin profile set-endpoint "<url>"
/opt/sas/viya/home/bin/sas-admin profile toggle-color off
/opt/sas/viya/home/bin/sas-admin profile set-output fulljson
/opt/sas/viya/home/bin/sas-admin auth login --user '<user>' --password '<password>'

RexDeus9
Quartz | Level 8

Hi,

 

Please read carefully, I'm using 'sas-viya' CLI tool, not 'sas-admin', which is intended for Viya 3.x, while 'sas-viya' is for Viya 21xx-xx and above.

 

Thank you.

 

 

gwootton
SAS Super FREQ
sas-viya and sas-admin work very similarly. If you have the certificate from sas-logon-app pod you can specify it in the environment variable SSL_CERT_FILE. The other commands mentioned are also valid with the sas-viya command.

Command-Line Interface: Preliminary Instructions
https://go.documentation.sas.com/doc/en/sasadmincdc/v_037/calcli/n1e2dehluji7jon1gk69yggc6i28.htm
--
Greg Wootton | Principal Systems Technical Support Engineer
doug_sas
SAS Employee

TLS/SSL is not your problem. Also, @sangavis37 's commands will work if you replace sas-admin with sas-viya.

Is the endpoint URL you are going to correct? http://sasserver.demo.sas.com does not exist according to my browser.

DavidHD
SAS Employee

The -k/--insecure mean that the certificate validation step is skipped.

 

I would suggest trying to ping the server (http://sasserver.demo.sas.com) from the command line and make sure that you get something in return.

 

Next try logging in using:

sas-viya -k auth login -u sas -p Orion123

RexDeus9
Quartz | Level 8

Thank you for the replies provided. I was able resolved the issue with the following:

 

sas-admin profile init

Enter: http://sasserver.demo.sas.com

*** RESET TOKEN ***

sas-admin --verbose --profile Default -k auth login

Enter <UserID>/<Password>

 

All is good!

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

CLI in SAS Viya

Learn how to install the SAS Viya CLI and a few commands you may find useful in this video by SAS’ Darrell Barton.

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 11 replies
  • 1536 views
  • 0 likes
  • 5 in conversation