Table of Contents
Advertisement
Your identification has been saved in /home/m.horst/.ssh/id_dsa.
Your public key has been saved in /home/m.horst/.ssh/id_dsa.pub.
The key fingerprint is:
87:34:41:65:e5:df:e3:30:f6:46:22:02:19:24:1e:f2 comf.mh@10.0.0.199
>
Now the SFTP client will use this key whenever it connects to 10.0.0.199.
To Add the Public Key to the NonStop SSH2 User Database
Before a user can connect using public key authentication, the public key needs to be added to the user database. Using
the SSHCOM component on the NonStop server, add the public key to the user as shown in the following example (note
that the fingerprint was copied from the output of the previous step):
$DATA1 SSH2 12> sshcom $ssh01
T9000B03_02DEC2009_SSHCOM
OPEN $ssh01
% ALTER USER comf.mh, publickey key1 fingerprint
87:34:41:65:e5:df:e3:30:f6:46:22:02:19:24:1e:f2, sftp-initial-directory /home/mh
OK, user comf.mh altered
% exit
exit
$DATA1 SSH2 13>
Note: The ALTER USER command will only work if the user already exists in the SSH2 userbase. This will be the case
if you followed the other quick tour steps. You may also create a new user with the SSHCOM ADD USER command.
After this step you can now retry the step "To connect to a remote SSH daemon with the NonStop SSH client ". You will
not be prompted for the NonStop user's password. Instead, SSH2 will authenticate the user with the public key
configured for the remote user.
Using Public Keys to Logon to Remote Systems
This section explains the steps required to use public keys to authenticate to the remote system with a NonStop SSH or
SFTP client. This involves generating a key pair for the NonStop user and configuring the public key on the remote
system.
For additional information on public key authentication, please refer to the
"SSH Protocol Reference" chapter.
Note: The commands illustrated in the following steps will implicitly depend on the user issuing the commands. It is
assumed all commands executed under the same user ID.
To Generate a Key Pair for a NonStop User
First, we will generate the key pair and store the private key in the SSH2 user database using SSHCOM from a TACL
prompt:
$DATA1 SSH2 7> run sshcom $ssh01
T9000B03_02DEC2009_SSHCOM
OPEN $ssh01
% mode client
mode client
OK, switched to client mode
% generate key test1, type rsa, comment "Thomas key"
generate key comf.tb:test1, type rsa, comment "Thomas key"
OK, key comf.tb:test1 successfully generated
%
Now the key has been generated and stored in the database. The next step will export that key and configure it on the
remote system.
44 • Installation & Quick Start
"Public Key
Authentication" section in the
HP NonStop SSH Reference Manual
- Quick Links:
- The Ssh2 Solution
- Secure Sftp Transfer
Hide quick links:
Advertisement
Table of Contents
