When I look on our z/OS system there is only:
Type Filename
_ Dir .
_ Dir ..
_ File prng_seed
in /.ssh
that file timestamp corresponds to when I did the keygen.
No 'known_hosts' file in the entire HFS - We're on z/OS 1.6
.
"Post, Mark K" <[EMAIL PROTECTED]>
Sent by: Linux on 390 Port
<[email protected]>
To
[email protected]
cc
02/08/2006 01:05 PM
Subject
Re:
Attempting to get ported tools SSH to talk to a SLES 9 image on z.
Please respond to
Linux on 390 Port <[email protected]>
Looks like you need to add the target system's public key to the
~/.ssh/known_hosts file on the source system.
Mark Post
-----Original Message-----
From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of
James Melin
Sent: Wednesday, February 08, 2006 2:00 PM
To: [email protected]
Subject: Attempting to get ported tools SSH to talk to a SLES 9 image on
z.
Hello all.
Our z/OS Sysprog installed the ported tools package for me. After a
couple of mis-steps everything that was needed in /etc/ssh on z/OS was
in place.
The instructions I have in the ported tools manual say to make a copyt
of /samples/ssh_config in my user home directory on z/OS as
$HOME/config.
This appears to be identical to the configuration file
/etc/.ssh/config. All of the entries were commented out, so in my copy,
i$HOME/.ssh/config, I uncommented the Host * and Protocol 2 sections.
The instructions do not mention modification of the file in /etc.
I then followed the instructions continuaing on page 30 (2nd page of
chapter 5) of the ported tools manual.
1) Ran ssh-keygen -t rsa and saved the keys in $HOME/.ssh
2) FTP'ed id_rsa.pub in ascii to the target linux and stored it as
$HOME/.ssh/zos/id_rsa.pub (so as not lo overlay the key I already have
there from a previous linux to linux thing)
3) I then cat'ed the public key into the authorized key file via cat
./zos/id_rsa.pub >> ./authorized_keys while in $HOME/
4) verified the permission bits on these higher level directories and
these files as being restricted to not be group/world writeable per the
documentation
Tring to figure out where to look for more information than these two
messages.
FSUM1006 A shell was not specified. Processing continues using the
default shell name. Host key verification failed.
The FSUM1006 is known. We don't have a default shell specified in the
OMVS segments. Not my area. Dunno why.
THe 'Host Key verification failed' message is what I need to know more
about. I need to at the very least find out whether there is more
information logged some where.
The JCL that I ran to get that message:(real user ID edited out per
management)
//USERID01 JOB (4080,0555),'SSH TESTING',CLASS=A,MSGCLASS=Q,
// NOTIFY=USERID,USER=USERID
// SET CMD='SH ssh -l '
// SET RMTID='userid '
// SET RMTHOST='ingram '
// SET RMTCMD='"/clamscan/scripts/scanengine.sh vadnais" '
//BPX EXEC PGM=BPXBATCH,REGION=0M,
// PARM='&CMD&RMTID&RMTHOST&RMTCMD'
//STDOUT DD PATH='/u/userid/bpxtest.out',PATHOPTS=(OWRONLY,OCREAT),
// PATHMODE=SIRWXU
//STDERR DD PATH='/u/userid/bpxtest.err',PATHOPTS=(OWRONLY,OCREAT),
// PATHMODE=SIRWXU
//PRINT EXEC PGM=IKJEFT1B
//INDD1 DD PATH='/u/userid/bpxtest.out',PATHOPTS=ORDONLY,
// PATHDISP=(DELETE,DELETE)
//INDD2 DD PATH='/u/userid/bpxtest.err',PATHOPTS=ORDONLY,
// PATHDISP=(DELETE,DELETE)
//OUTDD1 DD SYSOUT=*
//SYSTSPRT DD DUMMY
//SYSTSIN DD *
OCOPY INDD(INDD1) OUTDD(OUTDD1)
OCOPY INDD(INDD2) OUTDD(OUTDD1)
/*
//*
What step am I missing?
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
