Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Using SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Configuring the Client >>
    Authentication >>
        Using the z/OS System Authorization Facility
        Server Authentication with Public Keys in File >>
        Server Authentication with Certificates >>
        User Authentication with Passwords
        User Authentication with Public Keys in File >>
            Using Public-Key Authentication from z/OS Client
            Using Public-Key Authentication from Windows Client to z/OS Server
            Using Public-Key Authentication from Unix Client to z/OS Server
            z/OS Server Configuration
            Optional Configuration Settings
        User Authentication with Certificates >>
        Host-Based User Authentication >>
        User Authentication with Keyboard-Interactive >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Examples of Use >>
    Man Pages >>
    Log Messages >>

Using Public-Key Authentication from Unix Client to z/OS Server

In this example, SSH Tectia Client 5.1 is used. For more information, see SSH Tectia Client 5.x User Manual.

  1. Create a key pair using ssh-keygen-g3. For non-interactive use, the key can be generated without a passphrase with the -P option.
    $ ssh-keygen-g3 -t rsa -b 1024 -P $HOME/.ssh2/unix_key
    Generating 1024-bit rsa key pair
       5 oOo.oOo.oOo.
    Key generated.
    1024-bit rsa, testuser@unix_server, Tue Jul 11 2006 14:49:51 +0300
    Private key saved to /home/testuser//.ssh2/unix_key
    Public key saved to /home/testuser//.ssh2/unix_key.pub
    
  2. Create an identification file in your $HOME/.ssh2 directory on the Unix Client, for example:
    $ cd $HOME/.ssh2
    $ echo "IdKey unix_key" >> identification
    $ cat identification 
    IdKey unix_key
    
  3. Create a remote .ssh2 directory (if it does not exist already).
    $ssh2 testuser@tectia_mf_server mkdir .ssh2
    
  4. Copy your public key to the remote z/OS Server.
    $ scpg3 unix_key.pub \
    testuser@zos:/ftadv:C=ISO8859-1,D=IBM-1047,X=TEXT/.ssh2/unix_key.pub
    
  5. Create an authorization file on the remote z/OS Server.
    $sshg3 testuser@zos "echo Key unix_key.pub >> .ssh2/authorization"
    
  6. Make sure that public-key authentication is allowed in the Connection Broker configuration on Client, in the default settings and in the relevant connection profile (it is allowed by default).

PreviousNextUp[Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2006 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice


 

 
Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more