Your browser does not allow storing cookies. We recommend enabling them.

SSH

Starting the Certificate Validator

Console

To run ssh-certd as a started task, use a JCL procedure such as SSHCERTD (shown below), by default USER.PROCLIB(SSHCERTD) (defined in 0.2 SETO).

SSHCERTD:

//SSHCERTD PROC OPTS=''
//TECTIACD EXEC PGM=BPXBATSL,
//             REGION=0M,
//             TIME=NOLIMIT,
//             PARM=('PGM /opt/tectia/sbin/ssh-certd -F
//              &OPTS')
//STDENV   DD  DSN=<HLQ>.V650.PARMLIB(SSHENV),DISP=SHR
//STDOUT   DD  SYSOUT=*
//*STDERR   DD  SYSOUT=*
//STDIN    DD  DUMMY
//         PEND

Start the Certificate Validator with the following operator command:

===> S SSHCERTD 

In the sample SSHCERTD script above, ssh-certd is started with the foreground option that disables the daemon mode. With the foreground option, the daemon does not spawn the process to background and the task name stays as sshcertd.

You can assign the SSHD2 user to the started task by defining the procedure in the STARTED class and entering the user ID in the STDATA segment, for example:

RDEFINE STARTED SSHCERTD.* STDATA(USER(SSHD2)GROUP(SYS1))
SETROPTS RACLIST REFRESH 

For more information, see ssh-certd(8).

ISPF

You can control the Certificate Validator (ssh-certd) via the Tectia SSH Assistant submenu 4.2 TCRT.

Tectia SSH Assistant ISPF application - Tasks: Certificate Server (4.2 TCRT)

Figure 3.3. Tectia SSH Assistant ISPF application - Tasks: Certificate Server (4.2 TCRT)

To start the Certificate Validator, enter option 4.2.1 TCRTS (Start the Certificate server).

You should see the following console message:

SSZ0006I Task ssh-certd started


 

 
PrivX
 

 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now