I would prefer to use a keyring for each user but haven't tested with it yet. In thinking about that, then the users keyring would need to be defined on each system using OpenSSH sftp?
Norma Mowry -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Kirk Wolf Sent: Tuesday, September 24, 2013 14:19 To: [email protected] Subject: Re: Help with OpenSSH SFTP Batch Norma, No, the sys admin can collect host public keys and put them in /etc/ssh/known_hosts for all users. This is the preferred method, and best practice would be to manage these enterprise wide and then automatically publish to all ssh client machines. Kirk Wolf Dovetailed Technologies http://dovetail.com PS> For a full explanation, see the slides or recording: "IBM Ported PS> Tools for z/OS OpenSSH: Key Authentication" on our web site: http://dovetail.com/webinars.html On Tue, Sep 24, 2013 at 12:51 PM, Mowry, Norma E CIV DISA ESB (US) < [email protected]> wrote: > So that means every ssh user would have to do the same? > > Norma Mowry > DECC-Mechanicsburg > Operating Systems Support (ESB11) > (717)-605-7865 DSN:430 > e-mail address: [email protected] > > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:[email protected]] > On Behalf Of Grinsell, Don > Sent: Monday, September 23, 2013 15:37 > To: [email protected] > Subject: Re: Help with OpenSSH SFTP Batch > > What I recall doing to facilitate this on my system was to use putty > to connect to my first host and then use ssh to manually connect to > the second host. This establishes the keys in the known_hosts file > for the appropriate user. After that the batch sftp should work just fine. > > If I remember correctly I seem to recall that if you already have an > entry in the known_hosts for usera you can copy that entry to the > known_hosts file for userb and it will work. > > Hope that helps. > > -- > > Donald Grinsell > State of Montana > 406-444-2983 > [email protected] > > "I love deadlines. I love the whooshing sound they make as they fly by." > ~ Douglas Adams > > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
