We are planning to switch from password-based authentication to key-pair authentication for SAS to Snowflake connection. Our current requirement is:
1. Overnight batch/service account: use key-pair authentication
2.User authentication: normal password authentication with DUO MFA
We are using SAS 9.4M7 on a RHEL server.
I have created two DSNs in the odbc.ini file:
1.Password-based DSN: without the authenticator parameter
2.Key-pair DSN: with authenticator=snowflake_jwt and the PRIVATE_KEY_FILE and PRIVATE_KEY_FILE_PWD parameters
Using the key-pair DSN, I can successfully run the LIBNAME statement from SAS Enterprise Guide and connect to Snowflake. Also I can able to define a SAS pre-assigned library for key-pair authentication and I can successfully able to use that.
All our connection are using pre-assigned library via proc sql; connect using library_name. We cant use libname statement.
Challenge
Regarding the Private_key_file path and passphrase password on odbc.ini file
Questions:
1. I will not able to pass PRIV_KEY_FILE and PRIV_KEY_FILE_PWD directly in the odbc.ini file due to security concern. Will there be any way to securely store is on Linux and use it in SAS?
I have attempted to set environment variables as follows, but it did not work:
export PRIV_KEY_FILE
export PRIV_KEY_FILE_PWD
Could you please advise on the recommended approach to overcome these issues?
Thank you for your time and guidance.