SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Configuring the Client >>
    Authentication >>
    File Transfer Using SFTP >>
    File Transfer Using Transparent FTP Tunneling >>
    Tunneling on the Command Line >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Advanced Information >>
    Man Pages >>
        scp2
        sftp2
        ssh-add2
        ssh-agent2
        ssh-socks-proxy >>
        ssh-socks-proxy-config >>
        ssh-socks-proxy-ctl >>
        ssh-certd
        ssh_certd_config
        ssh-certview >>
        ssh-cmpclient >>
        ssh-dummy-shell
        ssh-ekview
        ssh-externalkeys
        ssh-keydist2 >>
            Synopsis
            Description
            Options
            Examples
        ssh-keygen2
        ssh-probe2
        ssh-scepclient >>
        ssh-sft-stage
        ssh2
        ssh2_config
        sshd-check-conf
        sshd2
        sshd2_config
        sshd2_subconfig
        sshregex
    Log Messages >>

Options

ssh-keydist2 accepts the following options:

  • -u, --remote-user USER

    Specify remote username. The default is the local username.

  • -W, --ssh2-windows

    The remote host is running Windows and its Secure Shell server is SSH Tectia. The public key is uploaded to the user's %USERPROFILE%\.ssh2 directory and the %USERPROFILE%\.ssh2\authorization file is updated.

  • -S, --ssh2-unix

    The remote host is running Unix and its Secure Shell server is SSH Tectia. The public key is uploaded to the user's $HOME/.ssh2 directory and the $HOME/.ssh2/authorization file is updated.

  • -O, --openssh-unix

    The remote host is running Unix and its Secure Shell server is OpenSSH. The public key is appended to the user's $HOME/.ssh/authorized_keys file.

  • -Z, --ssh2-zos

    The remote host is running z/OS and its Secure Shell server is SSH Tectia. The public key is uploaded to the user's USS $HOME/.ssh2 directory and the $HOME/.ssh2/authorization file is updated.

  • -H, --hostlist-file FILE

    Specify a host list file that contains hostnames or username/hostname pairs.

    The format of the host list file is as follows:

    userid1/host1.example.com
    userid2/host2.example.com
    userid3/host3.example.com
    

    If the username is omitted from the list, the username given with the -u option is used for the connection. If -u has not been given, the local username is used.

  • -p, --password-file FILE

    Specify a file or a dataset containing the password for authenticating to remote server(s) during public key setup. Use with care!

  • -P, --empty-passphrase

    Generate the key pair with an empty passphrase.

  • -d, --allow-keygen-overwrite

    Allow ssh-keygen2 to overwrite an existing key pair.

  • -t, --key-type dsa|rsa

    Selects the algorithm used in key generation. dsa (Digital Signature Algorithm) and rsa are supported. The default is dsa.

  • -b, --key-bits NUMBER

    Specifies the length of the generated key in bits (default 2048).

  • -f, --pubkey-file FILE

    Disables key pair generation, and distributes the given key file instead.

  • -a, --accept-new-host-keys

    Automatically accepts new host keys. Use with care!

  • -N, --only-accept-new-host-keys

    Only accepts new host keys (implies -a). Does not generate or distribute user keys.

  • -i, --accept-host-keys-also-by-ip

    Stores the accepted host keys also by their IP address.

  • -I, --dont-accept-host-keys-also-by-ip

    Does not store the accepted host keys also by their IP address (default).

  • -F, --accepted-host-key-format plain|hashed

    The accepted host keys are stored in the specified format. The default is hashed.

  • -g, --accept-hostkeys-globally

    The accepted host keys are copied to the system-wide store for trusted host keys (/etc/ssh2/hostkeys). This causes all users to trust the host key. Also -F plain must be specified. Giving this option requires administrator privileges.

  • -A, --accepted-host-key-log log_file

    Specifies a log file listing the accepted new host keys.

  • -n, --do-not-execute

    Prints the commands but does not execute them.

  • -v, --verbose

    Enables verbose mode. Information on the progress of the program is displayed in standard output.

Caution: When ssh-keydist2 is run with the -a or -N options, it accepts the received host keys automatically without prompting the user. You should verify the validity of keys after receiving them or you risk being subject to a man-in-the-middle attack. To be able to verify the keys, you should use the plain host key storage format. See Section Authenticating Remote Server Hosts for more information.

PreviousNextUp[Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2007 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice