Your browser does not allow storing cookies. We recommend enabling them.


Running SOCKS Proxy

The SOCKS Proxy component consists of two processes:


The Tectia SOCKS Proxy process that needs to be running before transparent tunneling connections can be made. The process can be started under USS, or by using a JCL script or started task.

For more information on the command-line options of ssh-socks-proxy, see the description of ssh-broker-g3 in Appendix Command-Line Tools of Tectia Server 6.3 for IBM z/OS User Manual. (Running ssh-socks-proxy will actually run ssh-broker-g3 in the SOCKS Proxy mode, using the ssh-socks-proxyconfig.xml configuration files and with connection caching disabled.)


Control process for the SOCKS Proxy. It can be used, for example, to view the status of the SOCKS Proxy, to reconfigure or stop the SOCKS Proxy, or to load private keys to memory.

For more information on the ssh-socks-proxy-ctl options and commands, see the description of ssh-broker-ctl in Appendix Command-Line Tools of Tectia Server 6.3 for IBM z/OS User Manual.

In addition to the processes, there is an init script for re/starting and stopping the ssh-socks-proxy process:

> /opt/tectia/etc/init.d/ssh-socks-proxy

The script takes commands start, restart, stop and version. For example to force the SOCKS Proxy to stop, run:

> /opt/tectia/etc/init.d/ssh-socks-proxy stop

Once the script is defined in the JCL procedure for SSHSP (see Running ssh-socks-proxy as a Started Task), you can also run it with operator commands. For example to query the version of the SOCKS Proxy, you can run command:

== > s SSHSP, f=version 

Note that if you want error messages to be logged to the console, in addition to stdout, you must set the environment variable SSH_MVS_CONSOLE=YES in either

  • the environment that the SOCKS proxy command is issued, if running it from the USS shell, or

  • the data set allocated to the SSHENV DD in the JCL for the SOCKS proxy started task.




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now