SSH Reference Manual
To Add the Public Key to the NonStop SSH2 User Database
Before a user can connect using public key authentication, the public key needs to be added to the user database. Using
the SSHCOM component on the NonStop server, add the public key to the user as shown in the following example (note
that the fingerprint was copied from the output of the previous step):
$DATA1 SSH2 12> sshcom $ssh01
SSHCOM T0801H01_22JAN2014_ABK - 2014-01-24 15:42:47.440
OPEN $ssh01
% ALTER USER comf.mh, publickey key1 fingerprint
87:34:41:65:e5:df:e3:30:f6:46:22:02:19:24:1e:f2, sftp-initial-directory /home/mh
OK, user comf.mh altered
% exit
exit
$DATA1 SSH2 13>
Note: The ALTER USER command will only work if the user already exists in the SSH2 userbase. This will be the case
if you followed the other quick tour steps. You may also create a new user with the SSHCOM ADD USER command.
After this step you can now retry the step "To connect to a remote SSH daemon with the NonStop SSH client". You will
not be prompted for the NonStop user's password. Instead, SSH2 will authenticate the user with the public key
configured for the remote user.
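Before entering a fingerprint in ALTER USER, it can be checked against the public key file it is supposed to describe. The following is an added example, not part of the manual or of NonStop SSH: it assumes the 16-byte colon-separated value is the conventional MD5 fingerprint of the public key blob, and the function names and the sample key are constructed for illustration.

```python
import base64
import hashlib
import struct

def _ssh_string(data: bytes) -> bytes:
    """Encode an RFC 4251 'string': 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def md5_fingerprint(openssh_line: str) -> str:
    """Return the colon-separated MD5 fingerprint of an OpenSSH-format public key line."""
    fields = openssh_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key-type> <base64-blob> [comment]'")
    key_type, b64_blob = fields[0], fields[1]
    blob = base64.b64decode(b64_blob, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with its own key-type string; it must agree with the text prefix.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode("ascii"):
        raise ValueError("key type in blob does not match the line prefix")
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def fingerprint_matches(openssh_line: str, expected: str) -> bool:
    """Compare the computed fingerprint with the one about to be configured."""
    return md5_fingerprint(openssh_line) == expected.strip().lower()

# Constructed sample: a syntactically valid ssh-rsa blob with a made-up modulus (not a real key).
_SAMPLE_BLOB = (
    _ssh_string(b"ssh-rsa")
    + _ssh_string(b"\x01\x00\x01")                    # public exponent 65537
    + _ssh_string(b"\x00" + bytes(range(128, 256)))   # made-up 1024-bit modulus
)
SAMPLE_LINE = "ssh-rsa " + base64.b64encode(_SAMPLE_BLOB).decode("ascii") + " constructed-sample"

if __name__ == "__main__":
    print(md5_fingerprint(SAMPLE_LINE))
    # Fingerprint from the ALTER USER example above; the sample key is a different key.
    print(fingerprint_matches(SAMPLE_LINE, "87:34:41:65:e5:df:e3:30:f6:46:22:02:19:24:1e:f2"))
```

A mismatch means the fingerprint and the key file do not belong together, and the key should not be configured for the user until the discrepancy is explained.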
Using Public Keys to Logon to Remote Systems
This section explains the steps required to use public keys to authenticate to the remote system with a NonStop SSH or
SFTP client. This involves generating a key pair for the NonStop user and configuring the public key on the remote
system.
For additional information on public key authentication, please refer to the "Public Key Authentication" section in the
"SSH Protocol Reference" chapter.
Note: The commands illustrated in the following steps implicitly depend on the user issuing them. It is
assumed that all commands are executed under the same user ID.
To Generate a Key Pair for a NonStop User
First, we will generate the key pair and store the private key in the SSH2 user database using SSHCOM from a TACL
prompt:
$DATA1 SSH2 7> run sshcom $ssh01
SSHCOM T0801H01_22JAN2014_ABK - 2014-01-24 15:42:47.440
OPEN $ssh01
% mode client
mode client
OK, switched to client mode
% generate key test1, type rsa, comment "Thomas key"
generate key comf.tb:test1, type rsa, comment "Thomas key"
OK, key comf.tb:test1 successfully generated
%
Now the key has been generated and stored in the database. The next step will export that key and configure it on the
remote system.
To Export the Public Key and Configure it on the Remote System
The following command within SSHCOM will export the public part of the key just generated and write it into a file:
$DATA1 SSH2 7> run sshcom $ssh01
SSHCOM T0801H01_22JAN2014_ABK - 2014-01-24 15:42:47.440
OPEN $ssh01
% export key comf.tb:test1, file $data1.tbtmp.tbkey, format openssh
export key comf.tb:test1, file $data1.tbtmp.tbkey, format openssh
HP NonStop SSH Reference Manual Installation & Quick Start • 45