Distributing Public Keys Using the Key Distribution Tool
File transfer processing on mainframes is usually non-interactive. This means that the host keys of the remote servers must be stored in a way that user interaction is not needed during the batch process, and that both users and processes use non-interactive authentication methods for user authentication.
The key distribution tool, /usr/lpp/ssh2/bin/ssh-keydist2, can be used for storing multiple remote host keys in a user-specific or common key store and for setting up public-key authentication to multiple hosts. The tool uses the sub-script /usr/lpp/ssh2/bin/ssh-1st-connect2 for receiving remote host keys. The tool calls /usr/lpp/ssh2/bin/ssh-keygen2 when creating new key pairs.
For more information on the ssh-keydist2 options, see Appendix ssh-keydist2.
Most of the examples in this section are executed from Unix shell (for example, OMVS shell), but the same commands can also be run in JCL using