The key pair used for server authentication is defined on the server in the sshd2_config file with the following parameters:

HostkeyFile              hostkey
PublicHostKeyFile        hostkey.pub

During the setup process, one RSA key pair (with the file names hostkey and hostkey.pub) is generated and stored in the /opt/tectia/etc directory. By default this key pair is used for server authentication. Make sure that only the user running sshd2 has access to the private key.

In Tectia Server for IBM z/OS, each server daemon can have only one host key pair. This is different from Tectia Server on other platforms.

By default, the server uses a public key with the file name of the private key plus the extension .pub. The PublicHostKeyFile keyword has to be defined only if the public-key file is stored with a different file name.