Yes. The public key of the connecting user needs to be added to the authorized_keys file for the target account.
Mark Jacobs Sent from ProtonMail, Swiss-based encrypted email. GPG Public Key - https://api.protonmail.ch/pks/lookup?op=get&[email protected] On Tuesday, May 20th, 2025 at 7:37 PM, Steve David <[email protected]> wrote: > Hello, Running Co:Z SFTP on Dev lpar and We had problem with SFTP batch job > (using common user id) which failed with permission denied. > > Mainframe TSO Userid (TSOUSR)who tried to submit batch job using > common(Remote server-RMTSRVR) id, > > Q1: whether we need to have host(server) public key in TSO user specific > directory(u/users/TSOUSR/.ssh/known_hosts) or the common user id > (u/users/RMTSRVR/.ssh/known_hosts) on mainframe side > > Q2: Do we need give any surrogate access to individual TSO user who tried > submit batch job with common remote server id in mainframe? > > Q3: we have public key of remote server saved in user specific directory > (u/users/RMTSRVR/.ssh), is it mandatory to have (client public key)on > remote target server > authorized_keys directory as well? > > Q4:Not sure if this problem with any directory permission issue on remote > server side? > > Logs: > 1. Permission denied (public key, password,gasps-with-mic) > > When enabled ssh trace getting it shows public key authentication failed, > but then proceed with other authentication.. > > Regards > Nithi > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
