Your browser does not allow storing cookies. We recommend enabling them.
SSH.COM uses cookies to give you the best experience and most relevant marketing. More info
DECLINE Warning: Some functionality on this site will not work without cookies and our advertising will be less relevant!GOT IT!

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Authentication >>
    File Transfer Using SFTP >>
    Secure File Transfer Using Transparent FTP Security >>
        Introduction to Transparent FTP Security
        Configuring SOCKS Proxy >>
        Creating the SSHSP User
        Running SOCKS Proxy >>
        Using Public-Key Authentication with the SOCKS Proxy >>
            Creating Keys
            Listing Available Private Keys
            Giving Passphrases for Private Keys
            Clearing Passphrases for Private Keys
        Configuring FTP >>
        Examples of Transparent FTP Security>>
    Tunneling >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Man Pages and Default Configuration Files >>
    Log Messages >>

Listing Available Private Keys

The SOCKS Proxy will search and use keys from the following locations:

  • keys defined in the key-store element in the /opt/tectia/etc/ssh-socks-proxy-config.xml file
  • keys defined in the key-store element in the $HOME/.ssh2/ssh-socks-proxy-config.xml file
  • keys defined in the $HOME/.ssh2/identification file
  • keys found in the $HOME/.ssh2 directory

To get the SSHSP user's key information, you need to run ssh-socks-proxy-ctl as a UID 0 user on the USS side and give the -a /tmp/ssh-<user who started ssh-socks-proxy>/ssh-socks-proxy option to it.

To list the public-key pairs that are available for the SOCKS Proxy, give the following command: 

# /opt/tectia/bin/ssh-socks-proxy-ctl list-keys -a /tmp/ssh-SSHSP/ssh-socks-proxy

The command prints a list of available private keys, showing basic key attributes such as key type, size and possible file name or key provider information. Also fingerprint and key identifier are displayed. The key identifier is a number that is used by other ssh-socks-proxy-ctl commands to identify the private key uniquely.

Running the command with the -s option produces a shorter output, for example (key hash value omitted): 

# ssh-socks-proxy-ctl list-keys -s -a /tmp/ssh-SSHSP/ssh-socks-proxy
#2 ... ssh-dss /home/user1/.ssh2/id_dsa_1024_a dsa 1024
#1 ... ssh-rsa /home/user1/.ssh2/id_rsa_1536_a rsa 1536

The first number on the line is the key identifier.

PreviousNextUp[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2011 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice


 

 
PrivX
 

 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now

  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now