Manualshelf

HP-UX Secure Shell Getting Started Guide HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3 (5900-3142, June 2013)

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
31323334353637383940
Table 12 Permissions for the Client Files and Directories (continued)
PermissionsFile/Directory
-rw-r--r-- or -rw------$HOME/.ssh/id_rsa.pub and id_dsa.pub
-rwx------$HOME/.ssh/config
4. Copy the public key in the client system to the home directory of the server using the following
command:
# cat $HOME/.ssh/id_dsa.pub | ssh remoteuser@remotehost
cat - >> $HOME/.ssh/authorized_keys
The following output is displayed:
The authenticity of host remoteuser.remotehost (15.70.189.130) cant be established
ECDSA key fingerprint is 2a:c9:77:ad:d5:d3:ef:c3:1e:12:12:9e:3a:9f:c0:38.
Are you sure you want to continue connecting (yes/no)?
5. Enter yes to continue with the connection. The following message is displayed:
Warning: Permanently added itanika2.india.hp.com (ECDSA) to the list of known hosts.
Enter no if you do not want to continue with the connection.
6. To enable public-key authentication, set the following directive in the server configuration file
/opt/ssh/etc/sshd_config:
PubkeyAuthentication yes
7. Set the directory and file permissions on the server as specified in Table 13.
Table 13 Permissions for the Server Files and Directories
File PermissionFile/Directory
drwx------ or drwxr--r--$HOME (home directory)
drwx------ or drwxr--r--$HOME/.ssh
-rw-r--r-- or -rw------$HOME/.ssh/authorized_keys and $HOME/.ssh/
authorized_keys2
NOTE: The $HOME and $HOME/.ssh directories, and all the files in the $HOME/.ssh
directories must be owned by the respective users whose home directories they are.
8. To connect to the server, run the following command:
$ ssh Clay
Where:
Clay is the name of the server to which you want to connect.
The server does not prompt for the password. The secure connection is established between
the server and the client.
Configuring Kerberos Authentication
Kerberos authentication contains the following entities:
Application client
Application server daemon
Kerberos server
Before you can use HP-UX Secure Shell with Kerberos, you must set up and configure these entities.
These entities must also communicate the Kerberos password to the client and copy the key file
from one system to the other.
To use HP-UX Secure Shell with Kerberos authentication, follow these steps:
Configuring Kerberos Authentication 35