Has anyone set up Matillion to work with Snowflake MFA using DUO?
I would recommend using an account with key pair authentication for Matillion. Username and password option with MFA might be tricky as it keeps triggering push notifications to approve for every connection.
Hi @AnudeepK ,
Any chance you used these guidelines to create the keypair? https://docs.snowflake.com/en/user-guide/key-pair-auth
This article was recommended to me, but I'm not getting correct results.
Yes, that’s how you do it. What issues are you facing?
Excellent! Appreciate any tips you can offer.
These are the steps I've taken:
- Followed this YouTube video to install OpenSSL for Windows (via openssl.org which points to slproweb.com)
- Followed the article verbatim
- Generate Private key using a password
- Generate Public key (points to private key using a "passphrase" that only works if you use the "password" from creating the private key)
- Execute the "ALTER USER" command to set the RSA_PUBLIC_KEY (using the text excluding header and footer from the public key file)
- Repeated those steps multiple times, but could not get the output to match on the step to "Verify the user’s public key fingerprint"
Feel like I'm following the steps exactly, but I can't figure out where I'm going wrong.
Appreciate any thoughts you may have on this.
Can you please try including everything in the public key, including header and footer. Please do not exclude anything. It should work!!
Hi @AnudeepK ,
Appreciate your thoughts on this. Looks like Snowflake does not like the header/footer (what they are calling "public key delimiters") in the ALTER USER statement (user name and a portion of the key are redacted):
USE ROLE SECURITYADMIN;
ALTER USER [REDACTED] SET RSA_PUBLIC_KEY='-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5c5GNYu/OnIfiMjvZTt/
[REDACTED]
o1fpPoHUjpt5Czbr0E9FYCNpVhs5kvI+OOlO9/Z9svvBUVY7WA/9LEggtsXAKMR0
rwIDAQAB
-----END PUBLIC KEY-----';
This returns the error:
SQL execution error:
New public key rejected by current policy. Reason: 'Invalid public key'
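
Added example, not part of the thread and not Snowflake's or Matillion's code: a standard-library Python helper that takes a PEM public key, produces the delimiter-free value for `ALTER USER ... SET RSA_PUBLIC_KEY`, and computes the SHA-256 fingerprint of the DER-encoded key in `SHA256:<base64>` form for the fingerprint verification step. The user name `EXAMPLE_USER` and the sample key are constructed placeholders; the sample has RSA-2048 framing around filler bytes and is not a usable key.

```python
import base64
import hashlib
import re

PEM_RE = re.compile(r"-----BEGIN PUBLIC KEY-----(.*?)-----END PUBLIC KEY-----", re.S)

def key_body(pem_text):
    """Base64 body as a single line, without the BEGIN/END delimiters."""
    m = PEM_RE.search(pem_text)
    if m is None:
        # A private-key file pasted by mistake ends up here.
        raise ValueError("no PUBLIC KEY block found")
    return "".join(m.group(1).split())  # drops LF, CRLF and stray spaces

def fingerprint(pem_text):
    """SHA-256 of the DER bytes, base64-encoded, with a 'SHA256:' prefix."""
    der = base64.b64decode(key_body(pem_text), validate=True)
    if der[:1] != b"\x30":  # SubjectPublicKeyInfo is a DER SEQUENCE
        raise ValueError("decoded data is not a DER SEQUENCE")
    return "SHA256:" + base64.b64encode(hashlib.sha256(der).digest()).decode()

def alter_user_sql(user, pem_text):
    """Statement with the delimiter-free key value, ready to paste."""
    if not re.fullmatch(r"[A-Za-z_][A-Za-z0-9_$]*", user):
        raise ValueError("unexpected user identifier")
    return f"ALTER USER {user} SET RSA_PUBLIC_KEY='{key_body(pem_text)}';"

def make_sample_pem():
    """Constructed sample: RSA-2048 SPKI framing around filler bytes, not a usable key."""
    head = bytes.fromhex("30820122300d06092a864886f70d0101010500"
                         "0382010f003082010a0282010100")
    filler = bytes((i * 7 + 0xC1) % 256 for i in range(256))
    b64 = base64.b64encode(head + filler + bytes.fromhex("0203010001")).decode()
    rows = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN PUBLIC KEY-----\n" + "\n".join(rows) + "\n-----END PUBLIC KEY-----\n"

if __name__ == "__main__":
    pem = make_sample_pem()
    print(alter_user_sql("EXAMPLE_USER", pem))
    print(fingerprint(pem))
```

Run against the real public key file, the `fingerprint()` result is the value to compare with the `RSA_PUBLIC_KEY_FP` property returned by `DESC USER`.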