If the user has an existing OpenSSH authorized_keys
file on the server, the ssh-keygen-g3 tool can be used to
import the OpenSSH authorized_keys
file and to
configure the authorization
file, for example:
SERVER> ssh-keygen-g3 --import-ssh1-authorized-key $HOME/.ssh/authorized_keys $HOME/.ssh2/authorization Imported key /home/user/.ssh/authorized_keys:1 to /home/user/.ssh2/imported-437b1a07-1.pub and added to authorization file /home/user/.ssh2/authorization Imported key /home/user/.ssh/authorized_keys:2 to /home/user/.ssh2/imported-437b1a07-2.pub and added to authorization file /home/user/.ssh2/authorization
For more information on the ssh-keygen-g3 options, see the Tectia Server for IBM z/OS User Manual or the ssh-keygen-g3 man page.
Alternatively, the administrator of Tectia Server for IBM z/OS may enable
AuthorizedKeysFile
in the server configuration file
/opt/tectia/etc/sshd2_config
, for example as
follows:
AuthorizedKeysFile %D/.ssh/authorized_keys
Tectia Server for IBM z/OS will check the defined AuthorizedKeysFile
in
addition to the user's AuthorizationFile
(by default
$HOME/.ssh2/authorization
). Note that the
AuthorizationFile
has precedence over
AuthorizedKeysFile
if the same key is defined in
both.