Your browser does not allow this site to store cookies and other data. Some functionality on this site may not work without them. See Privacy Policy for details on how we would use cookies.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Authentication >>
    File Transfer Using SFTP >>
    Secure File Transfer Using Transparent FTP Security >>
        Introduction to Transparent FTP Security
        Configuring SOCKS Proxy >>
        Creating the SSHSP User
        Running SOCKS Proxy >>
        Using Public-Key Authentication with the SOCKS Proxy >>
            Creating Keys
            Listing Available Private Keys
            Giving Passphrases for Private Keys
            Clearing Passphrases for Private Keys
        Configuring FTP >>
        Examples of Transparent FTP Security>>
    Tunneling >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Man Pages and Default Configuration Files >>
    Log Messages >>

Listing Available Private Keys

The SOCKS Proxy will search and use keys from the following locations:

  • keys defined in the key-store element in the /opt/tectia/etc/ssh-socks-proxy-config.xml file
  • keys defined in the key-store element in the $HOME/.ssh2/ssh-socks-proxy-config.xml file
  • keys defined in the $HOME/.ssh2/identification file
  • keys found in the $HOME/.ssh2 directory

To get the SSHSP user's key information, you need to run ssh-socks-proxy-ctl as a UID 0 user on the USS side and give the -a /tmp/ssh-<user who started ssh-socks-proxy>/ssh-socks-proxy option to it.

To list the public-key pairs that are available for the SOCKS Proxy, give the following command:

# /opt/tectia/bin/ssh-socks-proxy-ctl list-keys -a /tmp/ssh-SSHSP/ssh-socks-proxy

The command prints a list of available private keys, showing basic key attributes such as key type, size and possible file name or key provider information. Also fingerprint and key identifier are displayed. The key identifier is a number that is used by other ssh-socks-proxy-ctl commands to identify the private key uniquely.

Running the command with the -s option produces a shorter output, for example (key hash value omitted):

# ssh-socks-proxy-ctl list-keys -s -a /tmp/ssh-SSHSP/ssh-socks-proxy
#2 ... ssh-dss /home/user1/.ssh2/id_dsa_1024_a dsa 1024
#1 ... ssh-rsa /home/user1/.ssh2/id_rsa_1536_a rsa 1536

The first number on the line is the key identifier.

PreviousNextUp[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2011 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice