Your browser does not allow storing cookies. We recommend enabling them.

SSH

Auxiliary Storage Shortage

The Tectia Server for IBM z/OS server program sshd2 may make large demands on Auxiliary Storage.

If the server causes the total allocation of virtual storage in the system to approach the amount of Auxiliary Storage available, the system may enter an Auxiliary Storage Shortage state, which will require operator action to rectify. In this state the system will fail to start new processes.

When a client requests file statistics or file transfer the server may stage the file into memory. Staging a data set means that the server creates a Hiperspace memory file and copies the whole data set into it. Each memory file will be the size of the converted data set, up to 2 GB. A memory file is retained until a file transfer operation on it has ended or the connection is ended. The server may concurrently retain several memory files.

Clients that have a file-listing feature may request file statistics for every file in a directory.

Thus a user on a remote machine may cause an Auxiliary Storage Shortage by executing the sftp command ls in a directory that contains many files or several large files, or get for a very large data set or file. The user must be authenticated before entering commands.

Tectia Server for IBM z/OS allows limiting the total amount of virtual storage that is used on one client connection. The limit can be set in the SSH_SFTP_STAGEFS_CACHE_SIZE_LIMIT environment variable.

Users should take precautions against the occurrence of an Auxiliary Storage Shortage situation as follows:

  • Have a spare page data set available.

  • Be prepared to identify and cancel the process causing the shortage.

  • Issue the PAGEADD command to make the spare page data set available to the system.


 

 
Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more