Your browser does not allow storing cookies. We recommend enabling them.

Tectia

From Tectia Client on Unix to Tectia Server on z/OS

The instructions apply to Tectia Client (5.1 and later) and Tectia ConnectSecure on Unix. For more information, see Tectia Client User Manual or Tectia ConnectSecure Administrator Manual.

To enable public-key authentication from Tectia Client on Unix to Tectia Server on z/OS:

  1. Create a key pair using ssh-keygen-g3. For non-interactive use, the key can be generated without a passphrase with the -P option.

    $ ssh-keygen-g3 -t rsa -b 1536 -P $HOME/.ssh2/unix_key
    Generating 1536-bit rsa key pair
       5 oOo.oOo.oOo.
    Key generated.
    1536-bit rsa, ClientUser@tectia_unix, Tue Jul 11 2006 14:49:51 +0300
    Private key saved to /home/ClientUser/.ssh2/unix_key
    Public key saved to /home/ClientUser/.ssh2/unix_key.pub
    
  2. Create a remote .ssh2 directory on the z/OS Server (if it does not exist already):

    $ sshg3 ServerUser@Server_zos mkdir .ssh2
    
  3. Copy your public key to the remote z/OS Server:

    $ scpg3 -a unix_key.pub \
    ServerUser@Server_zos:˜/.ssh2/unix_key.pub
    
  4. Create an authorization file on the remote z/OS Server.

    $ sshg3 ServerUser@Server_zos "echo Key unix_key.pub >> .ssh2/authorization"
    
  5. Make sure that public-key authentication is allowed in the Connection Broker configuration on Client, in the default settings and in the relevant connection profile (it is allowed by default).


 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now