Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Using SSH Tectia Server for IBM z/OS >>
        Running the Server >>
            Starting the Server Manually under USS
            Running as a Started Task
            Starting the Server in Debug Mode
            Environment Variables for the Server
            Running ssh-certd
            Restarting the Server
        Setting Up a Shell User>>
        Running Client Programs>>
        Handling MVS Datasets and HFS File System Access>>
        Listing Datasets with SFTP Clients>>
    Configuring the Server >>
    Configuring the Client >>
    Authentication >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Examples of Use >>
    Man Pages >>
    Log Messages >>

Running ssh-certd

The SSH Tectia Certificate Validator (ssh-certd) is a process used by sshd2 when validating user certificates.

To start ssh-certd manually, log on to USS as the SSHD2 user. Execute the command:

> /usr/lpp/ssh2/sbin/ssh-certd

To run ssh-certd as a started task, use a JCL procedure such as SSHCERTD (shown below). The JCL must be installed in the procedure library.


//             PARM='PGM /bin/sh /etc/ssh2/init.d/ssh-certd
//             start foreground'
//STDOUT   DD  PATH='/home/sshd2/ssh-certd.out',
//STDERR   DD  PATH='/home/sshd2/ssh-certd.err',
//             DISP=SHR
//        PEND

Start the Certificate Validator with the following operator command:

== > s sshcertd 

The sshcertd job starts.

In the sample SSHCERTD script above, ssh-certd is started with the start foreground option that disables the daemon mode. With the start foreground option, the daemon does not spawn the process to background and the task name stays as sshcertd.

If the ssh-certd process is started without the start foreground option, the ssh-certd daemon starts and spawns a new job with the name sshcertdx (where x is a number). After this, the sshcertd job ends.

You can assign the user SSHD2 to the started task by defining the procedure in the STARTED class and entering the user ID in the STDATA segment.

For more information, see Appendix ssh-certd.

PreviousNextUp[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2006 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now