The server, sshd2, listens on a configured TCP port (the default is 22) and creates processes to handles connections from users.
The server must be allowed to listen on port 22 (or whichever the configured Secure Shell port is). If the installation controls access to TCP/IP stacks, ports, or networks, the user account under which the master AS is run must be given sufficient authorization. The resources in question belong to the SERVAUTH class.
If RESTRICTLOWPORTS is specified in IPCONFIG or TCPCONFIG, and SAF authorization (see above) is not used, the server must be APF-authorized.