Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server (M) >>
    Using SSH Tectia Server (M) >>
        Configuration Files>>
        Running the Server >>
        Setting Up a Shell User>>
            Authenticating Remote Hosts
            Using Password Authentication
            Using Public-Key Authentication
        Running Client Programs>>
        Handling MVS Datasets>>
        File Transfer Examples>>
    Troubleshooting SSH Tectia Server (M) >>
    Configuration >>
    Authentication >>
    Application Tunneling >>
    Sample Files >>
    Man Pages
    Log Messages >>

Using Public-Key Authentication

In public-key authentication, the server authenticates the user by the presence of the user's public key in the user's $HOME/.ssh2 directory (see the man pages for details). The public key ties the user ID to the user's private key.

To generate a key pair, run a command such as the following:

>/usr/lpp/ssh2/bin/ssh-keygen2 -t rsa -b 1024 /u/USERB/.ssh2/userb-key

Generate the identification file that contains the name of your private key:

>echo "IdKey userb-key" >> $HOME/.ssh2/identification

Keys generated on the mainframe are in the EBCDIC format. If you are using public-key authentication against Windows or Unix servers you need to convert the public key to the ASCII format. This can be done with the iconv utility:

>iconv -t ISO8859-1 -f IBM-1047 >

If you are using public key authentication between two mainframes, EBCDIC/ASCII conversion is not needed.

Copy the EBCDIC-format public key, /u/USERB/.ssh2/, or the converted public key, /u/USERB/.ssh2/, to your $HOME/.ssh2 directory on the remote machine and create the authorization file that points to your public key on the remote machine:

>echo "Key" >> $HOME/.ssh2/authorization


>echo "Key" >> $HOME/.ssh2/authorization

To generate a key pair with a plaintext key that can be used in JCL and in the TSO OMVS shell, add the -P option to the ssh-keygen2 command:

>/usr/lpp/ssh2/bin/ssh-keygen2 -t rsa -b 1024 -P /u/USERB/.ssh2/userb-key

PreviousNextUp[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2005 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now