Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Setting up Non-Interactive Server and User Authentication >>
        Key Distribution Tool
        Authenticating Remote Server Hosts >>
        Using Password for User Authentication
        Using Public Key for User Authentication >>
    Setting up Non-Interactive File Transfer >>

Key Distribution Tool

File transfer processing on mainframes is usually non-interactive. This means that the host keys of the remote servers must be stored in such a way that user interaction is not needed during the batch process, and that both users and processes use non-interactive authentication methods for user authentication.

The key distribution tool, /usr/lpp/ssh2/bin/ssh-keydist2, can be used for storing multiple remote host keys to a common key store and setting up public-key authentication to multiple hosts.

The syntax of ssh-keydist2 is as follows:

Usage: ssh-keydist2 [options] host [[options] [host]] ...

-u, --remote-user remote_user         The default is the local username.

-W, --ssh2-windows                    The remote host is running Windows and 
                                      its Secure Shell server is SSH Tectia.

-S, --ssh2-unix                       The remote host is running Unix and 
                                      its Secure Shell server is SSH Tectia.

-O, --openssh-unix                    The remote host is running Unix and 
                                      its Secure Shell server is OpenSSH.

-Z, --ssh2-zos                        The remote host is running z/OS and 
                                      its Secure Shell server is SSH Tectia.

-H, --hostlist-file hostlist_file     File contains hostnames or 
                                      username/hostname pairs.

-p, --password-file pass_file         File or dataset containing the password 
                                      for authenticating to remote server(s)
                                      during public key setup. Use with care!

-P, --empty-passphrase                Generate the key pair with an empty 

-d, --allow-keygen-overwrite          Allow ssh-keygen2 to overwrite 
                                      an existing key pair.

-t, --key-type dsa|rsa                Type of the generated key

-b, --key-bits bits                   Length of the generated key

-f, --pubkey-file public_key_file     Disable key pair generation, 
                                      distribute this key instead.

-a, --accept-new-host-keys            Automatically accept new hostkeys. 
                                      Use with care!

-N, --only-accept-new-host-keys       Only accept the hostkeys. Do not 
                                      generate or distribute user keys.

-A, --accepted-host-key-log log_file  Log file of accepted new hostkeys

-n, --do-not-execute                  Print the commands but do not 
                                      execute them.

-v, --verbose                         Use verbose mode.

PreviousNextUp[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2007 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now