The server, sshd2, listens on a configured TCP port (the default is 22) and creates processes to handles connections from users.
The server must be allowed to listen on port 22 (or whichever the configured Secure Shell port is). If the installation controls access to TCP/IP stacks, ports, or networks, the user account under which the master AS is run must be given sufficient authorization. The resources in question belong to the SERVAUTH class.
If RESTRICTLOWPORTS is specified in IPCONFIG or TCPCONFIG, and SAF authorization (see above) is not used, the server must be APF-authorized.
Reduce Secure Shell risk. Get to know the NIST 7966.
The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government. Download now
ISACA Practitioner Guide for SSH
With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community. Download now