A recent approach yielded the question, how do I do public key authentication between this AIX host running OpenSSH and a SCO host running Tectia SSH2?
The answer lies in converting the public key you generated on the source server (AIX) into a format that SSH2 on the target servers (SCO) can understand.
If, for example, you had generated a DSA key on AIX called
id_dsa, it will also have generated a corresponding public key called
id_dsa.pub. It is this key we want to convert for use on SCO. We can do this using the command:
ssh-keygen -e -f id_dsa.pub >id_dsa_ssh2.pub
We now have a new file called
id_dsa_ssh2.pub that needs to be put in the SCO hosts
.ssh2 directory, and a reference to it amended to the SCO hosts
.ssh2/authorization file. For example: –
The usual rules regarding the identification and authorization files apply to the SCO host. Do not rename the id_dsa key on the AIX host, as (I believe) it will only accept the filenames identity (
identity.pub), id_rsa (
id_rsa.pub) and id_dsa (
UPDATE : If you want to do this the other way ’round, i.e. use public key authentication from SSH2 to OpenSSH you need to convert the SSH2 public key generated for use on the OpenSSH server. Do this with:
ssh-keygen -i -f ssh2_publickey ~/.ssh/authorized_keys2
Obviously you want to create the
ssh2_publickey file containing the public key of the server requesting access.
You can also send the converted output to a file for import somewhere else, e.g. :
ssh-keygen -i -f ssh2_publickey.ppk > publickey.pub