Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
        Preparing for Installation >>
        Upgrading Previously Installed Secure Shell Software >>
        Installing the SSH Tectia Server for IBM z/OS Software >>
            Unpacking the Installation Package
            Creating the SAMPLIB and PARMLIB Datasets
            Preparing the System
            Creating the SSHD2 User
            Creating the /opt/tectia Directory
            Running the Setup Script
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Setting up Non-Interactive Server and User Authentication >>
    Setting up Non-Interactive Secure File Transfer >>

Creating the SSHD2 User

The SSHD2 user is used to run the SSH Tectia Server and Certificate Validator. SSHD2 must have an OMVS segment and the UID 0. Further, if the BPX.DAEMON FACILITY class profile is defined, the user must have read access to it.

Caution: The SSHD2 user must not have SURROGATE rights. With those rights, the user could log in using an empty password, which is not desirable.

To create the SSHD2 user, use commands such as those in the ADDSSHD2 example located in the doc/zOS/SAMPLIB directory (shown below).

ADDSSHD2:

//ADDSSHD2 EXEC PGM=IKJEFT1A,DYNAMNBR=75,TIME=100,REGION=6M
//SYSPRINT DD  SYSOUT=*
//SYSTSPRT DD  SYSOUT=*
//SYSTERM  DD  DUMMY
//SYSTSIN  DD *
  ADDUSER SSHD2 +
    NAME('User SSHD2 for running SSH Tectia server') +
    OWNER(IBMUSER) +
    NOPASSWORD NOOIDCARD +
    OMVS(PROGRAM('/bin/false') UID(0))
  PERMIT   BPX.DAEMON CLASS(FACILITY) ID(SSHD2) ACCESS(READ)
  SETROPTS REFRESH    RACLIST(FACILITY)
/*

PreviousNextUp[Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2011 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice


 

 
PrivX
 

 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now