[Contents] [Index]

About This Document >>     Installing SSH Tectia Server (M) >>         System Requirements         Directories and Datasets>>         Installing the SSH Tectia Server (M) Software >>             Required Permissions             Preparing the System             Unpacking the Archive             Creating the SSHD2 User             Creating the /usr/lpp/ssh2 Directory             Running the Setup Script             Creating the Server Host Key Pair             Enabling Manual Pages             Securing the Server         Upgrading the SSH Tectia Server (M) Software         Removing the SSH Tectia Server (M) Software     Using SSH Tectia Server (M) >>     Troubleshooting SSH Tectia Server (M) >>     Configuration >>     Authentication >>     Application Tunneling >>     Sample Files >>     Man Pages     Log Messages >>

Creating the SSHD2 User

The SSHD2 user is used during the installation of SSH Tectia Server (M).

User address spaces start up as copies of the server address space and then change to the user's identity by executing setuid(). The user running the server must be a superuser (UID 0). Further, if the BPX.DAEMON FACILITY class profile is defined, the user must have read access to it. The server program (/usr/lpp/ssh2/sbin/sshd2) must be program-controlled.

The BPX.DAEMON FACILITY allows you to control which superusers may change UID without presenting a password. See the USS Planning Guide for instructions on how to set it up.

To create the SSHD2 user, use commands such as those in ADDSSHD2 example (see Appendix ADDSSHD2).

The example commands create an initial password which must be changed by the user. Login to the system once as SSHD2 using TSO or Telnet and change the password.

The password is required because the SSHD2 user is used during installation to log in. After the installation, the password can be revoked or removed.