Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Using SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Configuring the Client >>
    Authentication >>
        Server Authentication with Public Keys >>
        User Authentication with Passwords
        User Authentication with Public Keys >>
        Host-Based User Authentication >>
            Client Configuration
            Server Configuration
            Optional Configuration Settings
        User Authentication with Keyboard-Interactive >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Examples of Use >>
    Man Pages >>
    Log Messages >>

Client Configuration

To enable host-based authentication with traditional public keys on the client, do the following steps as ClientUser:

  1. Generate a host key. By default, /etc/ssh2/hostkey and /etc/ssh2/ are generated during installation, so you can skip this step. Otherwise, give the following command:
    > /usr/lpp/ssh2/bin/ssh-keygen2 -P /etc/ssh2/hostkey
  2. Add the following line in the /etc/ssh2/ssh2_config file:
    AllowedAuthentications   hostbased
    Also other authentication methods can be listed. Place the least interactive method first. For example:
    AllowedAuthentications   hostbased,publickey,password
  3. Change the DefaultDomain keyword in the ssh2_config file to reflect your fully qualified domain:
    Setting this is mandatory if the HostbasedAuthForceClientHostnameDNSMatch keyword in the sshd2_config file on Server has been set to yes. But even if HostbasedAuthForceClientHostnameDNSMatch is not used, the DefaultDomain keyword is useful, for example, on AIX and Solaris, which report only the short hostname by default.

PreviousNextUp[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2006 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice


What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now