Snowflake Key Pair Authentication

Snowflake does a great job on documenting the key pair process using bash for Linux environments. That’s great, but what if you need to work within a windows environment and use the command line. Its similar but worth a blog post.

First, what is key pair authentication and why? Sometimes you just don’t want to use basic native usernames and passwords for connecting 3rd party or developed apps, this is a more secure way of authenticating to snowflake database. It supports many drivers / connectors as per below.

First thing you need is open-ssl download it and install it. https://www.openssl.org/source/ once installed CD to it.

cd C:\Program Files\OpenSSL-Win64\bin

We are going to generate a private key protected by a passphrase and the relevant public key. Such as.

openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out aruntest_key.p8
openssl rsa -in aruntest_key.p8 -out aruntestpublic1_key.pub -pubout

Then you should navigate to the directly to where the output file exists and extract the contents of the PUB file. We then use that within the snowflake user. Always extract the content between the

–BEGIN ENCRYPTED PRIVATE KEY—–

—–END ENCRYPTED PRIVATE KEY—–

Then we need to run the below.

ALTER USER ARUN
set rsa_public_key='verycomplexkeys';

Then the connecting driver / app needs access to the key and it will work.

snowsql -a youraccount -u "yourusers" 
private-key-path "F:\hello\whatever.p8"

You can then DESC the user and see that key pair is being used by looking at the below columns.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s