To verify that cryptographic hardware is being used, set the debug level for
SecShPluginCipherZosIcsf to 10. Setting all debug to level 10 would have the same result, but you would end up with a large amount of data to look through.
You can use this command from USS to verify that cryptographic hardware is enabled:
> sshg3 -DSecShPluginCipherZosIcsf=10 127.0.0.1
The command should produce the following type of output:
Development-time debugging is enabled. Setting debug level string to 'SecShPluginCipherZosIcsf=10'. ... state_determine: Hardware for 3des-cbc: CPACF state_determine: Hardware for aes128-cbc: CPACF state_determine: Hardware for aes192-cbc: CPACF state_determine: Hardware for aes256-cbc: CPACF ... Remote system type is POSIX (z/OS). sftp>