[Contents] [Index]

About This Document >>     Installing SSH Tectia Server for IBM z/OS >>     Getting Started with SSH Tectia Server for IBM z/OS >>     Configuring the Server >>     Authentication >>         Using the z/OS System Authorization Facility         Server Authentication with Public Keys in File >>         Server Authentication with Certificates >>         User Authentication with Passwords         User Authentication with Public Keys in File >>         User Authentication with Certificates >>         Host-Based User Authentication >>         User Authentication with Keyboard-Interactive     System Administration >>     File Transfer Using SFTP >>     Secure File Transfer Using Transparent FTP Security >>     Tunneling >>     Troubleshooting SSH Tectia Server for IBM z/OS >>     Man Pages and Default Configuration Files >>     Log Messages >>

User Authentication with Passwords

The password authentication method is the easiest to implement, as it is enabled by default. Password authentication uses the RACF system password of the user.

To allow password authentication, make sure that the AllowedAuthentications keyword of the /opt/tectia/etc/sshd2_config configuration file on the server contains the argument password:

AllowedAuthentications password

Other authentication methods can be listed in the configuration file as well.

To allow the users to change expired passwords, uncomment the following line in the /opt/tectia/etc/sshd2_config file:

AuthPassword.ChangePlugin ssh-passwd-plugin

Note: With passwords, it is also possible to use Keyboard-Interactive authentication. See Section Keyboard-Interactive Authentication for more information.