Securing the Server

[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
        System Requirements
        Directories and Datasets>>
        Installing the SSH Tectia Server for IBM z/OS Software >>
            Required Permissions
            Unpacking the Archive
            Creating the SAMPLIB
            Preparing the System
            Creating the SSHD2 User
            Creating the /usr/lpp/ssh2 Directory
            Running the Setup Script
            Enabling Manual Pages
            Securing the Server
        Upgrading the SSH Tectia Server for IBM z/OS Software
        Removing the SSH Tectia Server for IBM z/OS Software
    Using SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Configuring the Client >>
    Authentication >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Examples of Use >>
    Man Pages >>
    Log Messages >>

TCP Permissions

The server, sshd2, listens on a configured TCP port (the default is 22) and creates processes to handles connections from users.

The server must be allowed to listen on port 22 (or whichever the configured Secure Shell port is). If the installation controls access to TCP/IP stacks, ports, or networks, the user account under which the master AS is run must be given sufficient authorization. The resources in question belong to the SERVAUTH class.

If RESTRICTLOWPORTS is specified in IPCONFIG or TCPCONFIG, and SAF authorization (see above) is not used, the server must be APF-authorized.

[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]