Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Using SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Configuring the Client >>
    Authentication >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Examples of Use >>
        Secure File Transfers Using the z/OS Client>>
        Secure File Transfers Using Windows and Unix Clients>>
        Submitting JCL Jobs over Secure Shell
        Debugging SSH Tectia Server for IBM z/OS>>
        Example of Distributing Keys >>
            Mainframe Server Keys
            Remote Server Keys
            Mainframe User Keys
            Remote User Keys
    Man Pages >>
    Log Messages >>

Remote Server Keys

The SSH Tectia clients on the mainframe must have remote server public keys or public key hash values available in order to authenticate the remote server they are connecting to. The keys or key hash values can be stored in the mainframe user's $HOME/.ssh2/hostkeys directory or in the /etc/ssh2/hostkeys directory which is common for all the users. The example hostkey tool can be used to retrieve multiple remote host keys and store the key hash values to user's host key directory. Separate steps are needed if the administrator wants to store these key hash values also to system-wide key store that is available for all the users.

For more information about hashed host key format and usage of the system-wide key store, see Section Server Authentication with Public Keys.

Example 1: Fetching multiple host keys in verbose more and storing the log under /tmp.

> -v -N -A /tmp/newhosts.log host1 host2 host3 host4

The host keys are copied under $HOME/.ssh2/hostkeys. If the administrator wants to use those keys for all users, key hashes and the salt file need to be copied to global key store /etc/ssh2/hostkeys.

> mkdir /etc/ssh2/hostkeys
> cp $HOME/.ssh2/hostkeys/* /etc/ssh2/hostkeys 
> chmod 755 /etc/ssh2/hostkeys 
> chmod 644 /etc/ssh2/hostkeys/*

Example2: Fetching host keys using a hostlist file.

The format of the hostlist file is the following:

The commands are the following:

> -N -A /tmp/newhosts.log -H /home/userid/hostlist.txt

PreviousNextUp[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2006 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more