SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server (M) >>
    Using SSH Tectia Server (M) >>
        Configuration Files>>
        Running the Server >>
        Setting Up a Shell User>>
            Authenticating Remote Hosts
            Using Password Authentication
            Using Public-Key Authentication
        Running Client Programs>>
        Handling MVS Datasets>>
        File Transfer Examples>>
    Troubleshooting SSH Tectia Server (M) >>
    Configuration >>
    Authentication >>
    Application Tunneling >>
    Sample Files >>
    Man Pages
    Log Messages >>

Using Public-Key Authentication

In public-key authentication, the server authenticates the user by the presence of the user's public key in the user's $HOME/.ssh2 directory (see the man pages for details). The public key ties the user ID to the user's private key.

To generate a key pair, run a command such as the following:

>/usr/lpp/ssh2/bin/ssh-keygen2 -t rsa -b 1024 /u/USERB/.ssh2/userb-key

Generate the identification file that contains the name of your private key:

>echo "IdKey userb-key" >> $HOME/.ssh2/identification

Keys generated on the mainframe are in the EBCDIC format. If you are using public-key authentication against Windows or Unix servers you need to convert the public key to the ASCII format. This can be done with the iconv utility:

>iconv -t ISO8859-1 -f IBM-1047 userb-key.pub > userb-key_ascii.pub

If you are using public key authentication between two mainframes, EBCDIC/ASCII conversion is not needed.

Copy the EBCDIC-format public key, /u/USERB/.ssh2/userb-key.pub, or the converted public key, /u/USERB/.ssh2/userb-key_ascii.pub, to your $HOME/.ssh2 directory on the remote machine and create the authorization file that points to your public key on the remote machine:

>echo "Key userb-key.pub" >> $HOME/.ssh2/authorization

or

>echo "Key userb-key_ascii.pub" >> $HOME/.ssh2/authorization

To generate a key pair with a plaintext key that can be used in JCL and in the TSO OMVS shell, add the -P option to the ssh-keygen2 command:

>/usr/lpp/ssh2/bin/ssh-keygen2 -t rsa -b 1024 -P /u/USERB/.ssh2/userb-key

PreviousNextUp[Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2005 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice