Setting up an SSH client

Edit online

Secure Shell (SSH) is a client/server network application. It is used as a communication vehicle between the host system (for example, a laptop computer) and the system command-line interface (CLI).

Overview

The system acts as the SSH server in this relationship. If you require command-line access without entering a password, it uses the principles of public and private keys for authentication.

Authenticating SSH logins

Generate a Secure Shell (SSH) key pair to use the command-line interface (CLI). Additionally, when you use the SSH to log in to the system, you must use the RSA-based private key authentication.

When you are using AIX® hosts, SSH logins are authenticated on the system by using the RSA-based authentication that is supported in the OpenSSH client that is available for AIX . This scheme is based on the supplied password (or if you require command-line access without entering a password, then public-key cryptography is used) by using an algorithm that is known commonly as RSA.

Note: The authentication process for host systems that are not AIX is similar.

With this scheme (as in similar OpenSSH systems on other host types), the encryption, and decryption is done by using separate keys. This scheme means that it is not possible to derive the decryption key from the encryption key.

Because physical possession of the private key allows access to the system, the private key must be kept in a protected place, such as the .ssh directory on the AIX host, with restricted access permissions.

When SSH client (A) attempts to connect to SSH server (B), the SSH password (if you require command-line access without entering a password, the key pair) authenticates the connection. The key consists of two halves: the public keys and private keys. The SSH client public key is put onto SSH Server (B) using some means outside of the SSH session. When SSH client (A) tries to connect, the private key on SSH client (A) is able to authenticate with its public half on SSH server (B).

The system supports up to 32 interactive SSH sessions on the management IP address simultaneously.

Note: After one hour, a fixed SSH interactive session times out, which means the SSH session is automatically closed. This session timeout limit is not configurable.

To connect to the system, the SSH client requires a user login name and an SSH password (or if you require command-line access without entering a password, the key pair). Authenticate to the system by using a management user name and password. When you use an SSH client to access a system, you must use your user name and password. The system uses the password (and if not a password, the SSH key pair) to authorize the user who is accessing the system.

For Microsoft Windows hosts, PuTTY can be downloaded from the internet and used at no charge to provide an SSH client.

Microsoft Windows 10 includes the OpenSSH client. The ssh and scp commands work on the Microsoft Windows 10 command line. Use your existing private key or generate a new SSH keypair, and then place the private key in the .ssh folder in your user folder.