To run ssh-certd as a started task, use a JCL procedure such as
SSHCERTD (shown below), by default
USER.PROCLIB(SSHCERTD) (defined in 0.2 SETO).
//SSHCERTD PROC OPTS='' //TECTIACD EXEC PGM=BPXBATSL, // REGION=0M, // TIME=NOLIMIT, // PARM=('PGM /opt/tectia/sbin/ssh-certd -F // &OPTS') //STDENV DD DSN=
<HLQ>.V663.PARMLIB(SSHENV),DISP=SHR //STDOUT DD SYSOUT=* //*STDERR DD SYSOUT=* //STDIN DD DUMMY // PEND
Start the Certificate Validator with the following operator command:
===> S SSHCERTD
In the sample
SSHCERTD script above, ssh-certd is started with the
foreground option that disables the daemon mode. With the
foreground option, the daemon does not spawn the process to background and the task name stays as
You can assign the
SSHD2 user to the started task by defining the procedure in the
STARTED class and entering the user ID in the
STDATA segment, for example:
RDEFINE STARTED SSHCERTD.* STDATA(USER(SSHD2)GROUP(SYS1)) SETROPTS RACLIST REFRESH
For more information, see ssh-certd(8).
You can control the Certificate Validator (ssh-certd) via the Tectia SSH Assistant submenu 4.2 TCRT.
To start the Certificate Validator, enter option 4.2.1 TCRTS (Start the Certificate server).
You should see the following console message:
<USERID>ACTIVATED -S SSHCERTD +SSZ0006I Task ssh-certd started