Your browser does not support HTML5 local storage or you have disabled it. Some functionality on this site, including saving your privacy settings and offering you special discounts, uses local storage and may not work with local storage disabled. We recommend allowing the use of local storage in your browser. In some browsers, it is the same setting used for disabling cookies.

SSH

Starting the Certificate Validator

Console

To run ssh-certd as a started task, use a JCL procedure such as SSHCERTD (shown below), by default USER.PROCLIB(SSHCERTD) (defined in 0.2 SETO).

SSHCERTD:

//SSHCERTD PROC OPTS=''
//TECTIACD EXEC PGM=BPXBATSL,
//             REGION=0M,
//             TIME=NOLIMIT,
//             PARM=('PGM /opt/tectia/sbin/ssh-certd -F
//              &OPTS')
//STDENV   DD  DSN=<HLQ>.V650.PARMLIB(SSHENV),DISP=SHR
//STDOUT   DD  SYSOUT=*
//*STDERR   DD  SYSOUT=*
//STDIN    DD  DUMMY
//         PEND

Start the Certificate Validator with the following operator command:

===> S SSHCERTD 

In the sample SSHCERTD script above, ssh-certd is started with the foreground option that disables the daemon mode. With the foreground option, the daemon does not spawn the process to background and the task name stays as sshcertd.

You can assign the SSHD2 user to the started task by defining the procedure in the STARTED class and entering the user ID in the STDATA segment, for example:

RDEFINE STARTED SSHCERTD.* STDATA(USER(SSHD2)GROUP(SYS1))
SETROPTS RACLIST REFRESH 

For more information, see ssh-certd(8).

ISPF

You can control the Certificate Validator (ssh-certd) via the Tectia SSH Assistant submenu 4.2 TCRT.

Tectia SSH Assistant ISPF application - Tasks: Certificate Server (4.2 TCRT)

Figure 3.3. Tectia SSH Assistant ISPF application - Tasks: Certificate Server (4.2 TCRT)

To start the Certificate Validator, enter option 4.2.1 TCRTS (Start the Certificate server).

You should see the following console message:

SSZ0006I Task ssh-certd started

===AUTO_SCHEMA_MARKUP===