About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Troubleshooting
Problem
This document provides the steps necessary to configure Public-key authentication on the PuTTY SSH client to gain access to the IBM i Secure Shell daemon (SSHD).
Resolving The Problem
Public-key authentication allows Secure Shell (SSH), Secure File Transfer Protocol (SFTP), and Secure Copy (SCP) clients to gain access to remote hosts running the Secure Shell Daemon (SSHD) without having to provide a password.
Prerequisites
PuTTY utility - Open Source SSH client
PuTTY key generator utility - Generates Rivest, Shamir, & Aldeman (RSA) or Digital Signature Algorithm (DSA) key pairs in the SecSh format
Assumptions
This document assumes the following:
| o | The IBM i is running at V5R4 or higher of the operating system. |
| o | A user profile consisting of eight characters or less has been created to provide SSH access to the IBM i. |
| o | A home directory exists for the user profile that was created to provide SSH access to the IBM i. |
| o | The IBM i SSHD has been configured to accept and process inbound SSH connections. |
| 1. | Use the PuTTY key generator utility to create the RSA or DSA key pair. Select the radio button for the type of key that you want to generate, and click on the Generate button:  |
| 2. | Copy the public key underneath the section labeled 'Public key for pasting into OpenSSH authrorized_keys file' into notepad. The OpenSSH version of the public key needs to be stored in the authorized_keys file in the user's .ssh folder on the IBM i: 1.  |
| 3. | Click the Save private key button in the Actions section to save the private key. A passphrase is not required for the private key. Click on the Yes button so that no passphrase is associated with the private key: 1.  |
| 4. | Use FTP in binary mode to move the OpenSSH public key that was created in Step 2 into the user's home directory on the IBM i. For additional information on configuring the IBM i SSHD to use Public-Key authentication, refer to the following Rochester Support Center knowledgebase document New, Configuring the IBM i SSHD to Use Public-Key Authentication:  . |
| 5. | Open the PuTTY SSH client, Expand Session by clicking on the + sign. Specify the IP address or host name of the IBM i: 1.  |
| 6. | Expand Connection by clicking on the + sign, select Data, and insert the IBM i user profile in the Auto-login username textbox: 1.  |
| 7. | Expand SSH by clicking on the + sign, Select Auth, Click on the Browse button, and select the private key that was saved in Step 3:  |
| 8. | Click Open. The user will be able to access the IBM i SSHD without the use of a password. |
[{"Product":{"code":"SWG60","label":"IBM i"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"Communications-TCP","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB57","label":"Power"}}]
Historical Number
582533371
Was this topic helpful?
Document Information
More support for:
IBM i
Software version:
Version Independent
Operating system(s):
IBM i
Document number:
685857
Modified date:
18 December 2019
UID
nas8N1011849
Manage My Notification Subscriptions