login about faq


I want to be able to run scp on an AIX 7.1 machine to upload a file to Windows 2008 server running Tectia Server 6.1.

I generated my key on the AIX machine using:

ssh-keygen -t rsa

and I get 2 key files:

 1. id_rsa (private key) 
 2. id_rsa.pub (pbulic key)

What's the next step I have to do on the Tectia server to set up an scp transfer without password?

asked Apr 14 '14 at 13:22

Rexroth's gravatar image


edited Apr 14 '14 at 14:46

Roman's gravatar image

Roman ♦♦

Here are the steps to setup public key authentication from an OpenSSH client to a Tectia SSH Server.

1 . Generate the key pair

On the client host generate a public key pair using the ssh-keygen command line tool. It will ask you to provide a passphrase and generate a 2048-bit RSA key pair.

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Created directory '/home/user/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
7a:45:a9:ba:2e:a4:6d:99:46:b7:4a:cd:2a:30:6e:f9 user@example.com
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|           .     |
|          o      |
|         o       |
|        S .      |
|o   oo.o .       |
|.o.=.+=..        |
| +o.B..o         |
|. .Eo+o          |

This will generate a key pair consisting of two separate files. One of the keys is your private key which must never be made available to anyone but yourself. If a passphrase was provided, the private key can only be used together with the passphrase.

The key pair is stored in the following locations under $HOME/.ssh :

  • id_rsa (the private key)
  • id_rsa.pub (the public key)

In the example above, the private key file is id_rsa. The public key file is id_rsa.pub, and it can be distributed to other computers.

2 . Upload the public part of the key to the server

After generating the key pair, upload the public part of the key (id_rsa.pub) to the server.

Using authorized_keys directory

If the server is a Tectia Server version 5.0 or newer, this can be done by creating an authorized_keys directory and copying the public key there.

a. Create the authorized_keys directory

First create the authorized_keys directory on the server under $HOME/.ssh2/authorized_keys (for Unix) or %USERPROFILE%\.ssh2\authorized_keys (for Windows). This can be done directly on the server or using sshg3 and remote commands:

First create the .ssh2 directory

ssh ServerUser@tectia_server "mkdir .ssh2"

Then the authorized_keys directory

ssh ServerUser@tectia_server "mkdir .ssh2/authorized_keys"

b. Finally copy the public key to the authorized_keys directory

scp id_rsa.pub ServerUser@tectia_server:.ssh2/authorized_keys/

Using an authorization file

If the server is an older version of Tectia Server (4.x) then this requires a bit more work. Besides uploading the public key to the server you'll also need to create an authorization file which contains the name and path to the public key.

The authorization file is also supported in newer versions of Tectia, so this method should work against all versions of Tectia Server.

a. First create an .ssh2 directory on the server (if it does not already exist)

ssh ServerUser@tectia_server "mkdir .ssh2"

b. Copy the public key to the server

In this case we copy it to the .ssh2 directory on the server:

scp id_rsa.pub ServerUser@tectia_server:.ssh2/

c. Create an authorization file on the server

Create an authorization file in the server under the .ssh2 directory, such as:

If the server is Unix:

ssh ServerUser@tectia_server "echo Key id_rsa.pub >> .ssh2/authorization"

If the server is Windows:

ssh ServerUser@tectia_server "cmd /c echo Key id_rsa.pub >> .ssh2/authorization"

After this the authorization file will look like this:

Key     id_rsa.pub

That should do it, after this it should be possible to connect from the client to the server using public-key authentication.

Please note that public key authentication needs to be allowed in the server configuration for this to work.


answered Apr 14 '14 at 14:42

Roman's gravatar image

Roman ♦♦

thanks for the reply, i have already done the setting and it works fine

(Apr 15 '14 at 09:20) Rexroth Rexroth's gravatar image

no problem, good to hear!

(Apr 15 '14 at 10:16) Roman ♦♦ Roman's gravatar image
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: Apr 14 '14 at 13:22

Seen: 15,635 times

Last updated: Nov 09 '14 at 20:58

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.