Your browser does not allow storing cookies. We recommend enabling them.

SSH

Creating the SSHD2 User

The SSHD2 user is used to run Tectia Server for IBM z/OS. This user must have:

  • An OMVS segment

  • UID 0

  • Read access to the BPX.DAEMON FACILITY class

  • No SURROGATE rights

You can use the ADDSSHD2 JCL located in SAMPLIB to create the SSHD2 user:

ADDSSHD2:

//ADDSSHD2 EXEC PGM=IKJEFT1A,DYNAMNBR=75,TIME=100,REGION=6M
//SYSPRINT DD SYSOUT=*
//SYSTSPRT DD SYSOUT=*
//SYSTERM DD DUMMY
//SYSTSIN DD *
  ADDUSER SSHD2 +
    NAME('User SSHD2 for running SSH Tectia server') +
    OWNER(IBMUSER) +
    NOPASSWORD NOOIDCARD +
    OMVS(PROGRAM('/bin/false') UID(0) SHARED)
  PERMIT BPX.DAEMON CLASS(FACILITY) ID(SSHD2) ACCESS(READ)
  SETROPTS REFRESH RACLIST(FACILITY)
/*


 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now