Manualshelf

SSH Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
41424344454647484950
remote SSH daemon must support the forwarding of FTP sessions (not all SSH daemon implementations are able to
handle FTP forwarding).
Similar to the example under Forwarding Remote Port to Local Port
in section "To Establish a Port Forwarding Tunnel
with the NonStop SSH Client", the -R option can be used to forward an FTP connection from a remote host to the local
host.
To Connect a Remote SCP Client to the NonStop Server
The SCPOSS object must be available in OSS name space under the name scp and must be found via the PATH
environment variable. This can be achieved by creating a symbolic link to the installation location, e.g.
ln -s /G/system/zssh/scposs /usr/bin/scp
The environment variable ENV must be set via user attribute SHELL-ENVIRONMENT to ensure the PATH
environment variable gets set appropriately. This can be achieved, e.g. by altering the user as follows (/etc/profile is just
an example and often not a good choice):
ALTER USER test.us, SHELL-ENVIRONMENT /etc/profile
Ensure that shell scripts executed via ENV do not produce any output on stdout.
After the preparation is done you can connect with an SCP client on a remote system to SSH2 listening on the NonStop
server as follows:
test@np-dev02:~/testsftp> rm bigtxt
test@np-dev02:~/testsftp> scp test.us@10.0.0.196:bigtxt .
test.us@10.0.0.196's password:
bigtxt 100% 640KB 640.0KB/s 00:00
test@np-dev02:~/testsftp> ls bigtxt
bigtxt
Using Public Keys to Authenticate Remote Users
This section describes how SSH2 can authenticate remote users using public keys. This involves creating a public key
for the user on the remote system, and making the public key known to SSH2 on the NonStop server. After performing
the steps described below, you should be able to connect to the NonStop server with your remote SSH or SFTP client
using only the public key, without entering the NonStop user's password (you may still be prompted for the private key
passphrase, though).
For additional information on public key authentication, please refer to the "Public Key Authentication
" section in the
"SSH Protocol Reference" chapter.
To Generate a Key Pair on an OpenSSH System
On the remote system, use the following command of OpenSSH (for details of key generation, please refer to the
OpenSSH documentation):
>ssh-keygen -t dsa -C "comf.mh@10.0.0.199"
Generating public/private dsa key pair.
Enter file in which to save the key (/home/m.horst/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/m.horst/.ssh/id_dsa.
Your public key has been saved in /home/m.horst/.ssh/id_dsa.pub.
The key fingerprint is:
87:34:41:65:e5:df:e3:30:f6:46:22:02:19:24:1e:f2 comf.mh@10.0.0.199
>
Now the SFTP client will use this key whenever it connects to 10.0.0.199.
44 Installation & Quick Start HP NonStop SSH Reference Manual