Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server (M) >>
    Using SSH Tectia Server (M) >>
        Configuration Files>>
        Running the Server >>
        Setting Up a Shell User>>
            Authenticating Remote Hosts
            Using Password Authentication
            Using Public-Key Authentication
        Running Client Programs>>
        Handling MVS Datasets>>
        File Transfer Examples>>
    Troubleshooting SSH Tectia Server (M) >>
    Configuration >>
    Authentication >>
    Application Tunneling >>
    Sample Files >>
    Man Pages
    Log Messages >>

Using Public-Key Authentication

In public-key authentication, the server authenticates the user by the presence of the user's public key in the user's $HOME/.ssh2 directory (see the man pages for details). The public key ties the user ID to the user's private key.

To generate a key pair, run a command such as the following:

>/usr/lpp/ssh2/bin/ssh-keygen2 -t rsa -b 1024 /u/USERB/.ssh2/userb-key

Generate the identification file that contains the name of your private key:

>echo "IdKey userb-key" >> $HOME/.ssh2/identification

Keys generated on the mainframe are in the EBCDIC format. If you are using public-key authentication against Windows or Unix servers you need to convert the public key to the ASCII format. This can be done with the iconv utility:

>iconv -t ISO8859-1 -f IBM-1047 userb-key.pub > userb-key_ascii.pub

If you are using public key authentication between two mainframes, EBCDIC/ASCII conversion is not needed.

Copy the EBCDIC-format public key, /u/USERB/.ssh2/userb-key.pub, or the converted public key, /u/USERB/.ssh2/userb-key_ascii.pub, to your $HOME/.ssh2 directory on the remote machine and create the authorization file that points to your public key on the remote machine:

>echo "Key userb-key.pub" >> $HOME/.ssh2/authorization

or

>echo "Key userb-key_ascii.pub" >> $HOME/.ssh2/authorization

To generate a key pair with a plaintext key that can be used in JCL and in the TSO OMVS shell, add the -P option to the ssh-keygen2 command:

>/usr/lpp/ssh2/bin/ssh-keygen2 -t rsa -b 1024 -P /u/USERB/.ssh2/userb-key

PreviousNextUp[Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2005 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice


 

 
Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more