z/Os openssh introduction

As you know, OpenSSH can provide a more secure, reliable login,remote execution and file transfer. The z/Os OpenSSH as a secure Shell on z/OS enables more characteristic and performance data transfer. z/Os OpenSSH is more characteristic because z/Os OpenSSH fully leverages z/OS support while achieving most of the functionality that the open source secure Shell has on UNIX platforms. For example, the OpenSSH keys can be stored in RACF, recording information generated by the data in the SMF Type 119 records to monitor transmission behavior and hardware implementation of partial encryption algorithms. Clearly, these features will undoubtedly make z/Os OpenSSH more secure and reliable, while partial encryption algorithms rely on the underlying hardware to greatly improve transmission performance for large-scale data transfer. From the information currently available, z/Os OpenSSH is perhaps the most popular and popular IBM Ported Tools for z/OS. Having said z/Os OpenSSH so many advantages, you may ask how we can use it in practice, let's give you a brief introduction of the way to use z/OS OpenSSH to transmit data in a host environment.

In the USS Environment, call the z/OS OpenSSH commands directly or with the help of a shell script. This is generally our most common use, first rlogin to the USS Environment (the OMVS environment does not support the OpenSSH command), and then run this shell script directly into the command line to enter the z/OS OpenSSH command to execute or the command to execute in advance to write the script. Here's a concrete example that covers the entire process of generating the RAS key from the very beginning to completing the final file transfer. In the example we use the Publickeyauthentication authentication method, our goal is to transfer the file/home/sshtest/test on the Linux server to the host, the Linux server IP address It's shuttst.cn.ibm.com. We use the host as the client side and the Linux server as the servers side.

In the first step, we generate the RSA Keys with passphrase via the Ssh-keygen command on the client side, as shown in Figure 1-01:

Figure 1-01

The generated public key id_rsa.pub is then written to the ~/.ssh/authorized_keys on the server side, and the written file is shown in Figure 1-02.

Figure 1-02

The second step is to write the server-side public key/etc/ssh/ssh_host_rsa_key.pub to the client-side/etc/ssh/ssh_know_hosts or ~/.ssh/known_hosts. Here's a reminder to remember to add the server-side IP address and host name to the front of the key value, as shown in Figure 1-03: