If SSH Tectia Server for IBM z/OS is used for file transfer only, it is advisable to disable
tunneling and terminal access to the server.
Enabling the SFTP Subsystem
To allow the users to connect with SFTP to SSH Tectia Server for IBM z/OS, the secure file
transfer subsystem has to be defined in the
If you are sure you or your users do not need to create tunnels
(possibly going around firewall restrictions or such), you can disable
tunneling (port forwarding) altogether by adding the following to your
Disabling Terminal Access
The following configuration option of SSH Tectia Server for IBM z/OS will deny the group
sftpusers terminal access.