User Authentication

The authentication method used by the client depends on the password and secure key container parameters supplied by the client, and the settings of the security options AUTHBYPASSWORD and AUTHBYPUBLICKEY. The corresponding authentication method is not allowed if either of these options is DISABLED.

The password is used for password authentication and the secure key container is used for publickey authentication.

For more information about the AUTHBYPUBLICKEY and AUTHBYPASSWORD security options, refer to the MCP Security Overview and Implementation Guide.

The following are the examples of a Unisys MCP system connecting to a Red Hat Linux system that runs Open Source SSH.

Example 1- Password Authentication

In this example, “bob” does not need to be a valid usercode at this MCP host. If password authentication is not DISABLED, then password authentication is attempted using, “bob” as the username and “password” as the password. 

R *SYSTEM/SSHCLIENT ("SSH -l bob -P password 10.0.0.1 uname")
#RUNNING 1194                                                            
#?                                                                       
Linux                                                                    
#ET=3.7 PT=0.0 IO=0.0

Example 2- Publickey Authentication

In this example, the usercode under which the client is running must be the owner of key container WEATHER_KEY1 or an error occurs. If publickey authentication is not DISABLED, then publickey authentication is attempted using the remote username “bob” and the publickey contained in the WEATHER_KEY1 key container. 

R *SYSTEM/SSHCLIENT ("SSH -i WEATHER_KEY1-l bob 10.0.0.1 ls")
#RUNNING 1198                                                          
#?                                                                    
2GBFile                                                               
ADM                                                                   
CONT_FTPDATA                                                          
cont_langtest                                                         
CONT_SFTP                                                             
Desktop                                                               
dir1                                                                  
dir123                                                                
dir8                                                                  
FILE1500                                                              
FILE600                                                               
lpr                                                                   
objT                                                                  
openssh                                                               
openssh-SNAP-20110809.tar.gz                                          
R447                                                                  
#ET=5.3 PT=0.2 IO=0.1

Example 3 – Publickey or Password Authentication

In this example, the usercode under which the client is running must be the owner of key container WEATHER_KEY1 or an error occurs. This usercode is used as the remote username. If publickey authentication is not DISABLED, then publickey authentication is attempted using the publickey contained in the WEATHER_KEY1 key container. If publickey authentication is DISABLED and password authentication is not, then password authentication is attempted using “password” as the remote password. 

R *SYSTEM/SSHCLIENT ("SSH -i WEATHER_KEY1 -P password 10.0.0.1 uname")
#RUNNING 1194                                                        
#?                                                                   
Linux                                                                
#ET=3.7 PT=0.0 IO=0.0
Prev  Up  Next
Using the SSH Client  Home  SSH Client Output