Client Steps
You can use the standard user ID and password authentication where you are prompted for a password. However if you want to automate your SSH session and not hardcode a password, you can opt to use RSA or DSA authentication. To configure RSA/DSA you need to generate a key pair to identify yourself. It is best to generate the key pair at the client opposed to having the server generate one for you. This will enable you to use your key pair at multiple hosts.
Generate client key pair
This is done from a UNIX, Linux, or PASE command line. The command line is ssh-keygen. See the following example to create a RSA key pair.
ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/chrisb/.ssh/id_rsa):
(hit enter to use the default file name)
Enter passphrase (empty for no passphrase): (enter a passphrase)
Enter same passphrase again: (enter it again)
Your identification has been saved in /home/chrisb/.ssh/id_rsa.
Your public key has been saved in /home/chrisb/.ssh/id_rsa.pub.
The key fingerprint is:
Whole bunch of hex: chrisb@xxxxxxxxxxxxxxx
Now you need to take the id_rsa.pub file and send it to any servers you wish to connect to.
Server side Configuration
This is the part that is usually out of our control. On the server that we wish to connect to they must put our public key on their server. When we logon we are assigned a root directory. Within this root directory they need to create a directory called .ssh It must have the leading period in the name. Within that directory they must create a file called authorized_keys. Here is where they will add our public key file that we sent to them.
Now if you can log on with a user id and password and have access to create a directory in your initial logon directory, you can do this yourself. An easy command line way to copy the file over is SCP command:
scp ~/.ssh/id_rsa.pub userid@xxxxxxxxxxx
This will put the public key generated with the ssh_keygen command on to the remote host. You should be prompted for a password. It the server was setup correctly you will have a file called authorized_keys located in a directory call .ssh
To copy your public key into this file you can run the following commands:
ssh userid@xxxxxxxxxxx
You will be prompted to enter your password.
cat id_rsa.pub >> ~/.ssh/authorized_keys
This command appends the is_rsa.pub to the end of the authorized_keys file located in your root /.ssh folder.
exit
At this time you should be able to connect to the remote host via ssh without being prompt for a password.
--
Chris Bipes
Director of Information Services
CrossCheck, Inc.
-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of smith5646midrange@xxxxxxxxx
Sent: Monday, February 4, 2019 8:02 AM
To: 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: RE: Calling a program on the i via OpenSSH
Can someone post a link that shows how to set up OpenSSH public / private
keys with the iSeries being the server and a Windows machine being the
client? I don't understand how to configure keys (I'm definitely out of my
league on this) and the only examples that I can find are iSeries to iSeries
or the iSeries as a client and that's not helping me with the Windows part.
midrange.com
