Your browser does not allow this site to store cookies and other data. Some functionality on this site may not work without them. See Privacy Policy for details on how we would use cookies.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Configuring the Client >>
    Authentication >>
        Using the z/OS System Authorization Facility
        Server Authentication with Public Keys in File >>
        Server Authentication with Certificates >>
        User Authentication with Passwords
        User Authentication with Public Keys in File >>
            From SSH Tectia Client on z/OS
            From SSH Tectia Client on Windows to SSH Tectia Server on z/OS
            From SSH Tectia Client on Unix to SSH Tectia Server on z/OS
            From OpenSSH Client on Unix to SSH Tectia Server on z/OS
            Settings in SSH Tectia Server on z/OS
        User Authentication with Certificates >>
        Host-Based User Authentication >>
        User Authentication with Keyboard-Interactive >>
        Distributing Public Keys Using the Key Distribution Tool >>
    File Transfer Using SFTP >>
    File Transfer Using Transparent FTP Tunneling >>
    Tunneling on the Command Line >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Advanced Information >>
    Man Pages >>
    Log Messages >>

From OpenSSH Client on Unix to SSH Tectia Server on z/OS

In addition to the standard IETF SecSh keys used by SSH Tectia, SSH Tectia Server for IBM z/OS accepts OpenSSH public keys for user authentication. For more information on OpenSSH configuration, see OpenSSH documentation.

To enable public-key authentication from OpenSSH client on Unix to SSH Tectia Server on z/OS:

  1. Create a key pair using ssh-keygen, for example:
    $ ssh-keygen -t rsa -b 1536
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/user1/.ssh/id_rsa): 
    Enter passphrase (empty for no passphrase): 
    Enter same passphrase again: 
    Your identification has been saved in /home/user1/.ssh/id_rsa.
    Your public key has been saved in /home/user1/.ssh/id_rsa.pub.
    The key fingerprint is:
    ca:3a:5d:a7:58:9c:45:e1:4d:e3:42:e4:bc:49:0b:77 user1@openssh.example.com
    
    To create the key without a passphrase, hit enter when prompted to enter the passphrase. When the is created with a default file name (id_rsa), it is automatically used in public-key authentication attempts.
  2. Create a .ssh2 directory on the z/OS Server (if it does not exist already):
    $ ssh user1@tectia_zos mkdir .ssh2
    
  3. Copy your public key to the remote z/OS Server using sftp:
    $ sftp user1@zos
    sftp> put id_rsa.pub /ftadv:C=ISO8859-1,D=IBM-1047,X=TEXT/.ssh2/id_rsa.pub
    
  4. Create an authorization file on the remote z/OS Server.
    $ ssh user1@zos "echo Key id_rsa.pub >> .ssh2/authorization"
    
  5. Make sure that public-key authentication is allowed in the OpenSSH client configuration on Client (it is allowed by default).

PreviousNextUp[Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2007 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice

===AUTO_SCHEMA_MARKUP===