[Contents] [Index]

About This Document >>     Installing SSH Tectia Server for IBM z/OS >>         System Requirements         Directories and Datasets>>         Installing the SSH Tectia Server for IBM z/OS Software >>             Required Permissions             Unpacking the Archive             Creating the SAMPLIB Directory             Preparing the System             Creating the SSHD2 User             Creating the /usr/lpp/ssh2 Directory             Running the Setup Script             Enabling Manual Pages         Upgrading the SSH Tectia Server for IBM z/OS Software         Removing the SSH Tectia Server for IBM z/OS Software     Using SSH Tectia Server for IBM z/OS >>     Configuring the Server >>     Configuring the Client >>     Authentication >>     Troubleshooting SSH Tectia Server for IBM z/OS >>     Examples of Use >>     Man Pages >>     Log Messages >>

Required Permissions

Performing the installation requires write permission to /usr/lpp and /etc. It also requires permission to update RACF facilities and to issue the extattr command.

The setup script uses the extattr command to make the server program, (/usr/lpp/ssh2/sbin/sshd2), program-controlled. To issue it, the user must have read access to the BPX.FILEATTR.PROGCTL facility.

It is recommended that a user account, SSHD2, is created for running the SSH Tectia Server for IBM z/OS, see Section Creating the SSHD2 User.

If the server host key or the user keys are going to be stored in the System Authorization Facility (SAF), additional permissions are required. See Using the z/OS System Authorization Facility for more information.

The server, sshd2, listens on a configured TCP port (the default is 22) and creates processes to handles connections from users. The server must be allowed to listen on port 22 (or other configured Secure Shell port).