Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Authentication >>
    File Transfer Using SFTP >>
    Secure File Transfer Using Transparent FTP Security >>
        Introduction to Transparent FTP Security
        Configuring SOCKS Proxy >>
        Creating the SSHSP User
        Running SOCKS Proxy >>
        Using Public-Key Authentication with the SOCKS Proxy >>
            Creating Keys
            Listing Available Private Keys
            Giving Passphrases for Private Keys
            Clearing Passphrases for Private Keys
        Configuring FTP >>
        Examples of Transparent FTP Security>>
    Tunneling >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Man Pages and Default Configuration Files >>
    Log Messages >>

Listing Available Private Keys

The SOCKS Proxy will search and use keys from the following locations:

  • keys defined in the key-store element in the /opt/tectia/etc/ssh-socks-proxy-config.xml file
  • keys defined in the key-store element in the $HOME/.ssh2/ssh-socks-proxy-config.xml file
  • keys defined in the $HOME/.ssh2/identification file
  • keys found in the $HOME/.ssh2 directory

To get the SSHSP user's key information, you need to run ssh-socks-proxy-ctl as a UID 0 user on the USS side and give the -a /tmp/ssh-<user who started ssh-socks-proxy>/ssh-socks-proxy option to it.

To list the public-key pairs that are available for the SOCKS Proxy, give the following command:

# /opt/tectia/bin/ssh-socks-proxy-ctl list-keys -a /tmp/ssh-SSHSP/ssh-socks-proxy

The command prints a list of available private keys, showing basic key attributes such as key type, size and possible file name or key provider information. Also fingerprint and key identifier are displayed. The key identifier is a number that is used by other ssh-socks-proxy-ctl commands to identify the private key uniquely.

Running the command with the -s option produces a shorter output, for example (key hash value omitted):

# ssh-socks-proxy-ctl list-keys -s -a /tmp/ssh-SSHSP/ssh-socks-proxy
#2 ... ssh-dss /home/user1/.ssh2/id_dsa_1024_a dsa 1024
#1 ... ssh-rsa /home/user1/.ssh2/id_rsa_1536_a rsa 1536

The first number on the line is the key identifier.

PreviousNextUp[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2011 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more