SSH Tectia  
Previous Next Up [Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Using SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Configuring the Client >>
    Authentication >>
        Using the z/OS System Authorization Facility
        Server Authentication with Public Keys in File >>
        Server Authentication with Certificates >>
        User Authentication with Passwords
        User Authentication with Public Keys in File >>
            Using Public-Key Authentication from z/OS Client
            Using Public-Key Authentication from Windows Client to z/OS Server
            Using Public-Key Authentication from Unix Client to z/OS Server
            z/OS Server Configuration
            Optional Configuration Settings
        User Authentication with Certificates >>
        Host-Based User Authentication >>
        User Authentication with Keyboard-Interactive >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Examples of Use >>
    Man Pages >>
    Log Messages >>

Using Public-Key Authentication from Unix Client to z/OS Server

In this example, SSH Tectia Client 5.1 is used. For more information, see SSH Tectia Client 5.x User Manual.

  1. Create a key pair using ssh-keygen-g3. For non-interactive use, the key can be generated without a passphrase with the -P option.
    $ ssh-keygen-g3 -t rsa -b 1024 -P $HOME/.ssh2/unix_key
    Generating 1024-bit rsa key pair
       5 oOo.oOo.oOo.
    Key generated.
    1024-bit rsa, testuser@unix_server, Tue Jul 11 2006 14:49:51 +0300
    Private key saved to /home/testuser//.ssh2/unix_key
    Public key saved to /home/testuser//.ssh2/unix_key.pub
    
  2. Create an identification file in your $HOME/.ssh2 directory on the Unix Client, for example:
    $ cd $HOME/.ssh2
    $ echo "IdKey unix_key" >> identification
    $ cat identification 
    IdKey unix_key
    
  3. Create a remote .ssh2 directory (if it does not exist already).
    $ssh2 testuser@tectia_mf_server mkdir .ssh2
    
  4. Copy your public key to the remote z/OS Server.
    $ scpg3 unix_key.pub \
    testuser@zos:/ftadv:C=ISO8859-1,D=IBM-1047,X=TEXT/.ssh2/unix_key.pub
    
  5. Create an authorization file on the remote z/OS Server.
    $sshg3 testuser@zos "echo Key unix_key.pub >> .ssh2/authorization"
    
  6. Make sure that public-key authentication is allowed in the Connection Broker configuration on Client, in the default settings and in the relevant connection profile (it is allowed by default).

Previous Next Up [Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2006 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice