Your browser does not allow this site to store cookies and other data. Some functionality on this site may not work without them. See Privacy Policy for details on how we would use cookies.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server (M) >>
    Using SSH Tectia Server (M) >>
        Configuration Files>>
        Running the Server >>
        Setting Up a Shell User>>
            Authenticating Remote Hosts
            Using Password Authentication
            Using Public-Key Authentication
        Running Client Programs>>
        Handling MVS Datasets>>
        File Transfer Examples>>
    Troubleshooting SSH Tectia Server (M) >>
    Configuration >>
    Authentication >>
    Application Tunneling >>
    Sample Files >>
    Man Pages
    Log Messages >>

Using Public-Key Authentication

In public-key authentication, the server authenticates the user by the presence of the user's public key in the user's $HOME/.ssh2 directory (see the man pages for details). The public key ties the user ID to the user's private key.

To generate a key pair, run a command such as the following:

>/usr/lpp/ssh2/bin/ssh-keygen2 -t rsa -b 1024 /u/USERB/.ssh2/userb-key

Generate the identification file that contains the name of your private key:

>echo "IdKey userb-key" >> $HOME/.ssh2/identification

Keys generated on the mainframe are in the EBCDIC format. If you are using public-key authentication against Windows or Unix servers you need to convert the public key to the ASCII format. This can be done with the iconv utility:

>iconv -t ISO8859-1 -f IBM-1047 userb-key.pub > userb-key_ascii.pub

If you are using public key authentication between two mainframes, EBCDIC/ASCII conversion is not needed.

Copy the EBCDIC-format public key, /u/USERB/.ssh2/userb-key.pub, or the converted public key, /u/USERB/.ssh2/userb-key_ascii.pub, to your $HOME/.ssh2 directory on the remote machine and create the authorization file that points to your public key on the remote machine:

>echo "Key userb-key.pub" >> $HOME/.ssh2/authorization

or

>echo "Key userb-key_ascii.pub" >> $HOME/.ssh2/authorization

To generate a key pair with a plaintext key that can be used in JCL and in the TSO OMVS shell, add the -P option to the ssh-keygen2 command:

>/usr/lpp/ssh2/bin/ssh-keygen2 -t rsa -b 1024 -P /u/USERB/.ssh2/userb-key

PreviousNextUp[Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2005 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice

===AUTO_SCHEMA_MARKUP===