In IBM's defense, its a little difficult to document how SSH works on
(all) other platforms.
If you are implementing SSH on multiple platforms, it really helps to
have a understanding of how it works. For this, I would recommend the
OReilly book: "SSH, the Secure Shell".
FYI - z/OS Ported Tools is really a port of OpenSSH 3.8
For making Putty keys:
1) (For each Windows/Putty user) create a DSA keypair using PuttyGen:
http://the.earth.li/~sgtatham/putty/0.58/htmldoc/Chapter8.html#pubkey-puttygen
- ask for a "DSA" key
- Give the private key a passphrase if you care about security!
- save both the public and private key to two separate files
2) On z/OS in a Unix shell:
cd
mkdir .ssh
chmod 700 .ssh
3) upload the DSA public key to the ~/.ssh directory you just created,
and rename it "authorized_keys". Note: that this is a text file, so
make sure that it is EBCDIC after you upload it.
4) the authorized_keys file needs tight permissions:
chmod 600 ~/.ssh/authorized_keys
5) Start Pagent on the workstation, and add your private key to it.
This will prompt you for the private key passphrase. I usually start
pagent automatically at startup; there's a command switch that lets to
specify the private key to use. Then, when ever you login to Windoze,
you'll see a prompt from Pagent for your passphase, once you enter it,
pagent will sit happily in your system tray.
6) use putty or plink to connect to z/os... If you did it right, no
password will be required. If it doesn't work, try to debug it with
plink -v. Example:
plink -v -ssh [EMAIL PROTECTED] ls
BTW: If this helps anyone, I would appreciate a reply to the
following quiz: :-)
? Would you be interested in being able to read and write MVS datasets via SSH :
- from Windows, Linux, Unix, or z/OS, both command-line and Java /
C (open source) apis
- supporting all sorts of text / binary / rdw line <-> record conversions
- supporting any codepage conversion
We're just curious, but if enough people are interested, we may be
inclined to release a (free) package.
Regards,
Kirk Wolf
Dovetailed Technologies
On 4/27/06, Lesseg, Jon <[EMAIL PROTECTED]> wrote:
> Implementing SSH (Ported Tools) between z/OS 1.4 and workstations
> (PuTTY).
> To demystify the configuration on the workstation in the -03 level IBM
> Ported Tools Users Guide, is there anyone out there that could:
> 1) detail the requirements for private keys on the workstation and where
> they live (directory, path)? I've got the public ones in place I think.
> 2) clarify what the $HOME/ references mean (on workstation or on z/OS
> UNIX somewhere)?
> 3) detail modification to PuTTY parms to point to SSH keys necessary
> allowing smooth UID/PWDless logon processing?
> 4) present connection flow and files utilized in sequence dialogue to
> wrap it all up?
>
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
