SSH Tectia  
Previous Next Up [Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Setting up Non-Interactive Server and User Authentication >>
        Key Distribution Tool
        Authenticating Remote Server Hosts >>
        Using Password for User Authentication
        Using Public Key for User Authentication >>
    Setting up Non-Interactive File Transfer >>

Key Distribution Tool

File transfer processing on mainframes is usually non-interactive. This means that the host keys of the remote servers must be stored in such a way that user interaction is not needed during the batch process, and that both users and processes use non-interactive authentication methods for user authentication.

The key distribution tool, /usr/lpp/ssh2/bin/ssh-keydist2, can be used for storing multiple remote host keys to a common key store and setting up public-key authentication to multiple hosts.

The syntax of ssh-keydist2 is as follows: 

Usage: ssh-keydist2 [options] host [[options] [host]] ...

Options:
-u, --remote-user remote_user         The default is the local username.

-W, --ssh2-windows                    The remote host is running Windows and 
                                      its Secure Shell server is SSH Tectia.

-S, --ssh2-unix                       The remote host is running Unix and 
                                      its Secure Shell server is SSH Tectia.

-O, --openssh-unix                    The remote host is running Unix and 
                                      its Secure Shell server is OpenSSH.

-Z, --ssh2-zos                        The remote host is running z/OS and 
                                      its Secure Shell server is SSH Tectia.

-H, --hostlist-file hostlist_file     File contains hostnames or 
                                      username/hostname pairs.

-p, --password-file pass_file         File or dataset containing the password 
                                      for authenticating to remote server(s)
                                      during public key setup. Use with care!

-P, --empty-passphrase                Generate the key pair with an empty 
                                      passphrase.

-d, --allow-keygen-overwrite          Allow ssh-keygen2 to overwrite 
                                      an existing key pair.

-t, --key-type dsa|rsa                Type of the generated key

-b, --key-bits bits                   Length of the generated key

-f, --pubkey-file public_key_file     Disable key pair generation, 
                                      distribute this key instead.

-a, --accept-new-host-keys            Automatically accept new hostkeys. 
                                      Use with care!

-N, --only-accept-new-host-keys       Only accept the hostkeys. Do not 
                                      generate or distribute user keys.

-A, --accepted-host-key-log log_file  Log file of accepted new hostkeys

-n, --do-not-execute                  Print the commands but do not 
                                      execute them.

-v, --verbose                         Use verbose mode.

Previous Next Up [Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2007 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice