SSH

Index

A

address space, System Limits and Requirements
AddressFamily, Configuration File
AF_UNIX socket, System Limits and Requirements
agent forwarding, Agent Forwarding
agent forwarding log messages, Agent Forwarding
AllowAgentForwarding, Agent Forwarding, Configuration File
AllowedAuthentications, User Authentication with Passwords , Enabling Public-Key Authentication, Certificates Stored in File, Certificates Stored in SAF, Certificates Stored in File, Certificates Stored in SAF, Configuration File
AllowGroups, Restricting User Logins , Configuration File
AllowHosts, Restricting User Logins , Restricting Connections, Configuration File, User Authentication - Common
AllowSHosts, Optional Configuration Settings, Configuration File
AllowTcpForwarding, Configuration File
AllowTcpForwardingForGroups, Configuration File
AllowTcpForwardingForUsers, Configuration File
AllowUsers, Restricting User Logins , Configuration File, User Authentication - Common
AnyCipher, Configuring Ciphers
AnyHostKeyAlgorithm, Configuring Host Key Signature Algorithms
AnyKEX, Configuring KEXs
AnyMac, Configuring MACs
AnyPublicKeyAlgorithm, Configuring Public Key Signature Algorithms
AnyStdCipher, Configuring Ciphers
AnyStdHostKeyAlgorithm, Configuring Host Key Signature Algorithms
AnyStdKEX, Configuring KEXs
AnyStdMac, Configuring MACs
AnyStdPublicKeyAlgorithm, Configuring Public Key Signature Algorithms
application tunneling, Tunneling
auditing, Auditing, Logging, Log Messages
auth-hostbased, Traditional Public Keys Stored in File, Certificates Stored in File
authentication, Authentication
certificate, User Authentication with Certificates
host-based, Host-Based User Authentication , Server Configuration
host-based with certificates, Certificates Stored in File, Certificates Stored in File
host-based with SAF keys, Certificates Stored in SAF
Keyboard-Interactive, User Authentication with Keyboard-Interactive
password, Using Password Authentication, User Authentication with Passwords , User Authentication with Keyboard-Interactive
public-key
server, Authenticating Remote Server Hosts, Server Authentication with Public Keys in File
user, Using Public-Key Authentication, User Authentication with Public Keys in File, Enabling Public-Key Authentication, User Authentication - Public Key
SAF key, Certificates Stored in SAF, Certificates Stored in SAF
authentication log messages, User Authentication - Common , User Authentication - Host-Based , User Authentication - Keyboard-Interactive Password, User Authentication - Keyboard-Interactive, User Authentication - Password , User Authentication - Public Key
authentication methods, Authentication
authentication-methods, Traditional Public Keys Stored in File, Certificates Stored in File
AuthHostbased.Cert.Required, Certificates Stored in File, Certificates Stored in SAF, Configuration File
AuthHostbased.Cert.ValidationMethods, Certificates Stored in SAF, Configuration File
AuthKbdInt.FailureTimeout, User Authentication with Keyboard-Interactive
AuthKbdInt.NumOptional, User Authentication with Keyboard-Interactive, Configuration File
AuthKbdInt.Optional, User Authentication with Keyboard-Interactive, Configuration File
AuthKbdInt.Plugin, Configuration File
AuthKbdInt.Required, User Authentication with Keyboard-Interactive
authorization, Authorization File Options
AuthorizationEkInitStringMapper, Configuration File
AuthorizationEkProvider, Certificates Stored in SAF
AuthorizationFile, Using Keys Generated with OpenSSH
AuthorizedKeysFile, Using Keys Generated with OpenSSH, Configuration File
AuthPassword.ChangePlugin, Configuration File
AuthPublicKey.Algorithms, Configuration File
AuthPublicKey.Cert.Required, Certificates Stored in File, Certificates Stored in SAF, Configuration File
AuthPublicKey.Cert.ValidationMethods, Certificates Stored in SAF, Configuration File
AuthPublicKey.MaxSize, Configuration File
AuthPublicKey.MinSize, Configuration File
auxiliary storage shortage, Auxiliary Storage Shortage

B

banner message, Notification
BannerMessageFile, Configuration File
basic configuration, Configuring the Server
batch file transfers, Creating a User for Batch File Transfers

C

CA certificate, Certificates Stored in File
case-sensitivity, Configuration File
CertdListenerPath, Configuration File
certificate authentication
user, User Authentication with Certificates
certificate revocation list (CRL), Certificates Stored in File, Certificates Stored in SAF, Certificates Stored in File, Certificates Stored in SAF
Certificate Validator, Getting Started with Tectia Server for IBM z/OS, ssh-certd
querying version, Querying the Certificate Validator Version
restarting, Restarting the Certificate Validator
setting options for starting, Setting Options for Starting the Certificate Validator
starting, Starting the Certificate Validator
stopping, Stopping the Certificate Validator
certificate-specific log messages, Certificate-Specific Code
certificates
enrolling, Certificates Stored in File
certificates in host-based authentication, Certificates Stored in File, Certificates Stored in File
certification authority (CA), Server Authentication with Certificates
changing host key, Notifying the Users of the Host Key Change
character set, Shell Access and Remote Commands
chcp command, Supporting the chcp Command
check configuration, sshd-check-conf
CheckMail, Configuration File
ChRootGroups, Configuration File
ChRootUsers, Configuration File
Ciphers, Configuring Ciphers, Configuration File
code page, Shell Access and Remote Commands
code pages, Configuring Code Pages
coded character set conversion, Environment Variables for Server and Client Applications
command accepted, Console Messages
command option unrecognized, Console Messages
command unrecognized, Console Messages
command-line options
server, Command-Line Options
common code log messages, Common Code
conddisp, Handling Prematurely Ending File Transfers
configuration
cipher, Configuring Ciphers
host key signature algorithms, Configuring Host Key Signature Algorithms
KEX, Configuring KEXs
MAC, Configuring MACs
public key signature algorithms, Configuring Public Key Signature Algorithms
root logins, Configuring Root Logins
subconfigurations, Defining Subconfigurations
configuration file
ssh-certd, Configuration File, ssh_certd_config, Configuration File
sshd2, Configuration File
configuration files
server, Server Configuration Files
SOCKS Proxy, Configuring SOCKS Proxy
Connection Broker, Terminology
console messages, Console Messages
command accepted, Console Messages
command option unrecognized, Console Messages
command unrecognized, Console Messages
invalid access attempt, Console Messages
process started, Console Messages
restart, Console Messages
start, Console Messages
stop, Console Messages
version, Console Messages
version control information, Console Messages
controlling file transfer, Controlling File Transfer
controlling the Certificate Validator, Running the Certificate Validator (ssh-certd)
CPU time, Exceeding Maximum CPU Time
creating file transfer user, Creating a User for Batch File Transfers
creating SSHSP user, Creating the SSHSP User
cryptographic algorithms, Configuring Cryptographic Algorithms
cryptographic hardware support, Cryptographic Hardware Support
cryptography support log messages, Cryptography Support
customer support, Customer Support

D

debug level, Setting the Debug Level
in console, Setting the Debug Level in the Console
in ISPF, Setting the Debug Level in ISPF
debugging, Debugging Tectia Server for IBM z/OS
file transfer, Debugging File Transfer
sshd2 started task, Setting the Debug Level
USS shell, Debugging Using USS shell
default configuration files
sshd2_config, Default sshd2_config Configuration File
ssh_certd_config, Default ssh_certd_config Configuration File
DefaultDomain, Traditional Public Keys Stored in File, Certificates Stored in File
denial-of-service attack, Load Control
DenyGroups, Restricting User Logins , Configuration File
DenyHosts, Restricting User Logins , Configuration File, User Authentication - Common
denying agent forwarding, Agent Forwarding
denying connection attempts, Restricting Connections
denying file transfers, Restrictions to Tunneling
denying terminal access, Disabling Terminal Access , Restrictions to Tunneling
denying tunneling, Disabling Tunneling
DenySHosts, Optional Configuration Settings, Configuration File
DenyTcpForwardingForGroups, Configuration File
DenyTcpForwardingForUsers, Configuration File
DenyUsers, Restricting User Logins , Configuration File, User Authentication - Common
directories
$HOME/.ssh2, USS
/opt, Before Installation
/opt/tectia, USS
/tmp, USS
sample files, Sample Files
directories and data sets, Directories and Data Sets
MVS, MVS
USS, USS
DisableVersionFallback, Configuration File
disabling root logins, Configuring Root Logins
disclaimer before login, Notification
disk space requirement, System Requirements
documentation, About This Document
documentation conventions, Documentation Conventions
dual TCP/IP stack, Running the Server and SOCKS Proxy on Multiple TCP/IP Stack z/OS
connecting with Tectia clients, Connecting via Different TCP/IP Stacks with Tectia Clients
running the server, Running Two Servers on a Dual TCP/IP Stack
running the SOCKS Proxy, Running Two SOCKS Proxies on a Dual TCP/IP Stack

G

general server log messages, General Server Log Messages
generating host key, Generating the Server Host Key Pair

H

home directory, Before Installation
host certificate
enrolling, Certificates Stored in File
host key
changing, Notifying the Users of the Host Key Change
generating, Generating the Server Host Key Pair
multiple, Defining Server Host Key
host key check, disabling, Disabling Host Key Check
host key I/O log messages, Host Key I/O
host restrictions, Restricting User Logins
host-based authentication, Host-Based User Authentication , Server Configuration, User Authentication - Host-Based
host-based authentication with certificates, Certificates Stored in File, Certificates Stored in File
host-based authentication with SAF keys, Certificates Stored in SAF
HostbasedAuthForceClientHostnameDNSMatch, Traditional Public Keys Stored in File, Optional Configuration Settings, Configuration File
HostCA, Certificates Stored in File
HostCAEkProvider, Certificates Stored in SAF
HostCertificateFile, Certificates Stored in File, Certificates Stored in File, Configuration File
HostIdMappingHostnames, Certificates Stored in SAF, Configuration File
hostkey, Server Configuration Files, Defining Server Host Key
HostKey.Cert.Required, Certificates Stored in File, Certificates Stored in SAF, Configuration File
hostkey.pub, Server Configuration Files, Defining Server Host Key
HostKeyAlgorithms, Configuration File
HostKeyEkInitString, Certificates Stored in SAF, Configuration File
HostKeyEkProvider, Certificates Stored in SAF, Configuration File
HostKeyFile, Defining Server Host Key, Certificates Stored in File, Certificates Stored in File, Configuration File
hosts.equiv, Optional Configuration Settings
HostSpecificConfig, Host-Specific Subconfiguration, Configuration File

I

IdentityDispatchUsers, Configuration File
IdleTimeOut, Configuration File
IgnoreRhosts, Optional Configuration Settings, Configuration File
IgnoreRootRhosts, Configuration File
incoming tunnels, Tunneling, Remote Tunnels
inetd, General Server Log Messages
INIT, SFTP
installation directories, Running Tectia and OpenSSH on the Same Host
installing
Tectia SSH Assistant, Installing the Tectia SSH Assistant ISPF Application
installing Tectia Server for IBM z/OS, Installing Tectia Server for IBM z/OS, Installing Tectia Server for IBM z/OS
licensing, Licensing
permission requirements, Permission Requirements
system limits and requirements, System Limits and Requirements
system requirements, System Requirements
uploading installation files, Uploading Files Required for Installation
invalid access attempt, Console Messages
IPv6 support, IPv6 Support, IPv6 Support on Tectia Server and client tools for IBM z/OS

L

LDAPServers, Certificates Stored in File, Certificates Stored in SAF, Certificates Stored in File, Certificates Stored in SAF
legal disclaimer, Notification
licensing, Licensing
line delimiters, Shell Access and Remote Commands, Configuring Terminal Data Conversion
listen address, Restricting Connections
listen port, Restricting Connections
ListenAddress, Restricting Connections, Configuration File
ListenerRetryInterval, Configuration File
load control, Load Control
LoadControl.Active, Load Control, Configuration File
LoadControl.DiscardLimit, Load Control, Configuration File
LoadControl.WhitelistSize, Load Control, Configuration File
local port forwarding, Local Tunnels
local tunnels, Local Tunnels
log messages
agent forwarding, Agent Forwarding
certificates, Certificate-Specific Code
common code, Common Code
cryptography support, Cryptography Support
host key, Host Key I/O
host-based authentication, User Authentication - Host-Based
Keyboard-Interactive, User Authentication - Keyboard-Interactive Password, User Authentication - Keyboard-Interactive
password authentication, User Authentication - Password
public-key authentication, User Authentication - Public Key
server, General Server Log Messages
session channel, Session Channels
SFTP, SFTP
SSH1 agent, SSH1 Agent Forwarding
tunneling, Port Forwarding
user authentication, User Authentication - Common
logging, Auditing, Logging, File Transfer Server Log Messages with Wrong Timestamps, Log Messages
login
restricting, Restricting User Logins
root, Configuring Root Logins
login process, sshd2, Login Process
LoginGraceTime, Configuration File, General Server Log Messages

M

MACs, Configuring MACs, Configuration File
man pages, Man Pages
man-in-the-middle attack, Notifying the Users of the Host Key Change
manual pages, Enabling Manual Pages
MapFile, Certificates Stored in File, Certificates Stored in SAF
MaxBroadcastsPerSecond, Configuration File
MaxConnections, Load Control, Configuration File
Message Authentication Code (MAC), Configuring MACs
message before login, Notification
migrated data sets, Setting Up Security for Processing Offline Data Sets
missing home directory, User Authentication - Host-Based
modifying configuration files, Editing Configuration Files
multiple host keys, Defining Server Host Key
multiple TCP/IP stack
connecting with Tectia clients, Connecting via Different TCP/IP Stacks with Tectia Clients
running the server, Running Two Servers on a Dual TCP/IP Stack
running the SOCKS Proxy, Running Two SOCKS Proxies on a Dual TCP/IP Stack

N

Network Address Translation (NAT), Optional Configuration Settings
network interface binding, Restricting Connections
NoDelay, Configuration File

P

PasswdPath, Configuration File
password authentication, Using Password Authentication, User Authentication with Passwords , User Authentication with Keyboard-Interactive, User Authentication - Keyboard-Interactive Password, User Authentication - Password
PasswordGuesses, Configuration File
pattern matching syntax, Restricting User Logins
permission requirements, Permission Requirements
PermitEmptyPasswords, Configuration File
PermitRootLogin, Configuration File
permitting root logins, Configuring Root Logins
PidFile, Configuration File
PKCS #7 package, Certificates Stored in File
Pki, Certificates Stored in File
PkiEkProvider, Certificates Stored in SAF
Port, Restricting Connections, Configuration File
port forwarding, Tunneling
local, Local Tunnels
remote, Remote Tunnels
port forwarding log messages, Port Forwarding
preparing for installation, Preparing for Installation
PrintMotd, Configuration File
private key
host, Defining Server Host Key, Certificates Stored in File
problem situations, Solving Problem Situations
process started, Console Messages
product installation jobs, Generating Product Installation Jobs
ProxyServer, Configuration File
pseudo-volume, Restoring Archived Data Sets
public-key authentication
server, Authenticating Remote Server Hosts, Server Authentication with Public Keys in File
user, Using Public-Key Authentication, User Authentication with Public Keys in File, Enabling Public-Key Authentication, User Authentication - Public Key
PublicHostKeyFile, Defining Server Host Key, Configuration File

Q

QuietMode, Configuration File

R

RandomSeedFile, Configuration File
regular expressions (regex), sshregex
egrep, Regex syntax: egrep
ssh, Regex syntax: ssh
syntax, Restricting User Logins
traditional, Regex syntax: zsh_fileglob (or traditional)
zsh_fileglob, Regex syntax: zsh_fileglob (or traditional)
RekeyIntervalSeconds, Configuration File
related documents, About This Document
reloading the SOCKS Proxy configuration, Reloading ssh-socks-proxy configuration
remote command, System Administration
remote port forwarding, Remote Tunnels
remote tunnels, Remote Tunnels
RequiredAuthentications, Configuration File
RequireReverseMapping, Configuration File, User Authentication - Common
ResolveClientHostName, Configuration File
restart, Console Messages
restarting SOCKS Proxy, Restarting ssh-socks-proxy
restarting the Certificate Validator, Restarting the Certificate Validator
restarting the server, Restarting the Server
restoring archived data sets, Restoring Archived Data Sets
restricting SFTP access, Restricting Access to User's MVS User Catalog
restricting tunneling, Restrictions to Tunneling
restricting user login, Restricting User Logins
reverse DNS mapping, User Authentication - Common
rhosts, Restricting User Logins
root login, Configuring Root Logins
root login denied, User Authentication - Common
running the Certificate Validator, Running the Certificate Validator (ssh-certd)
running the server, Running the SSH Server (sshd2)

S

SAF authentication
server, Certificates Stored in SAF
user, Certificates Stored in SAF
SAF keys in host-based authentication, Certificates Stored in SAF
sample files, Sample Files
scpg3, Terminology
secure application connectivity, Tunneling
secure configuration, Securing the Server
Secure File Transfer Protocol (SFTP), File Transfer Using SFTP
Secure Shell Certificate Validator, ssh-certd
Secure Shell Daemon, sshd2
SerialAndIssuer, Certificate User Mapping File
server
querying version, Querying the Server Version
restarting, Restarting the Server
running on multiple TCP/IP stacks, Running Two Servers on a Dual TCP/IP Stack
setting options for starting, Setting Options for Starting the Server
starting, Starting the Server
stopping, Stopping the Server
server authentication
with public key, Server Authentication with Public Keys in File
with SAF keys, Certificates Stored in SAF
server authentication methods, Authentication
server banner message, Notification
server certificate, Server Authentication with Certificates
server configuration, Configuring the Server, Shell Access and Remote Commands
server configuration files, Server Configuration Files
server listen address, Restricting Connections
server listen port, Restricting Connections
server log messages, General Server Log Messages
session channel related log messages, Session Channels
setsid, General Server Log Messages
SettableEnvironmentVars, Configuration File
setting debug level, Setting the Debug Level
setting up a shell user, Setting Up a Shell User
Settings for installation input, 0.1 SETI - Settings for installation input
Settings for installation output, 0.2 SETO - Settings for installation output
sft-server-g3, Defining Subsystems, Logging SFTP Transactions , Enabling the SFTP Subsystem, File Transfer Server Log Messages with Wrong Timestamps
SFTP log messages, SFTP
SFTP subsystem, Enabling the SFTP Subsystem
sftpg3, Terminology
SftpSmfType, Configuration File
SftpSysLogFacility, Configuration File
shell access, System Administration
shell user, Setting Up a Shell User
ShellAccountCodeset, Configuring Terminal Data Conversion, Configuration File
ShellAccountLineDelimiter, Configuring Terminal Data Conversion, Configuration File
ShellConvert, Configuring Terminal Data Conversion, Configuration File
ShellTransferCodeset, Configuring Terminal Data Conversion, Configuration File
ShellTransferLineDelimiter, Configuring Terminal Data Conversion, Configuration File
ShellTranslateTable, Configuring Terminal Data Conversion, Configuration File
shosts, Restricting User Logins
shosts.equiv, Optional Configuration Settings, User Authentication - Host-Based
SIGHUP, General Server Log Messages
signal 29, Exceeding Maximum CPU Time
signature algorithms
host key, Configuring Host Key Signature Algorithms
public key, Configuring Public Key Signature Algorithms
SIGXCPU, Exceeding Maximum CPU Time
SMF Auditing, SMF Auditing
socket, System Limits and Requirements
SOCKS Proxy, Terminology, Transparent FTP Tunneling, Running SOCKS Proxy
configuring, Configuring SOCKS Proxy
reloading configuration, Reloading ssh-socks-proxy configuration
restarting, Restarting ssh-socks-proxy
running as started task, Creating the SSHSP User, Running ssh-socks-proxy as a Started Task
running on multiple TCP/IP stacks, Running Two SOCKS Proxies on a Dual TCP/IP Stack
starting manually, Starting ssh-socks-proxy Manually under USS
stopping, Stopping ssh-socks-proxy
SocksServer, Certificates Stored in File, Certificates Stored in SAF, Certificates Stored in File, Certificates Stored in SAF, Configuration File
ssh (regex), Regex syntax: ssh
ssh-broker-config.xml
auth-hostbased, Traditional Public Keys Stored in File, Certificates Stored in File
authentication-methods, Traditional Public Keys Stored in File, Certificates Stored in File
strict-host-key-checking, Notifying the Users of the Host Key Change
ssh-broker-ctl, Terminology
ssh-broker-g3, Terminology
ssh-certd, Terminology, Getting Started with Tectia Server for IBM z/OS, ssh-certd
configuration file, Configuration File, Configuration File
options, Options
querying version, Querying the Certificate Validator Version
restarting, Restarting the Certificate Validator
setting options for starting, Setting Options for Starting the Certificate Validator
starting, Starting the Certificate Validator
stopping, Stopping the Certificate Validator
ssh-cmpclient-g3, Certificates Stored in File
ssh-dummy-shell, ssh-dummy-shell
ssh-externalkeys, ssh-externalkeys
ssh-keydist-g3, Storing Remote Server Host Keys
ssh-keygen-g3, Using Public-Key Authentication, Generating the Server Host Key Pair
ssh-scepclient-g3, Certificates Stored in File
ssh-socks-proxy, Running SOCKS Proxy
ssh-socks-proxy-config.xml, Summary of Configuration Steps, Configuring SOCKS Proxy
default-settings, The ssh-socks-proxy-config.xml configuration file
filter-engine, The ssh-socks-proxy-config.xml configuration file
profiles, The ssh-socks-proxy-config.xml configuration file
static-tunnels, The ssh-socks-proxy-config.xml configuration file
ssh-socks-proxy-ctl, Running SOCKS Proxy
SSH1 agent forwarding log messages, SSH1 Agent Forwarding
ssh2_config, Traditional Public Keys Stored in File, Certificates Stored in File
SSHCERTD, Console
sshd-check-conf, sshd-check-conf
behavior, Behavior
examples, Examples
options, Options
sshd2, Terminology, Getting Started with Tectia Server for IBM z/OS, sshd2
advanced configuration, sshd2_subconfig
configuration file, Configuration File
configuration file format, sshd2_config
files, Files
login process, Login Process
options, Options
querying version, Querying the Server Version
restarting, Restarting the Server
setting options for starting, Setting Options for Starting the Server
starting, Starting the Server
stopping, Stopping the Server
SSHD2, Console
sshd2_config, Server Configuration Files, Configuring Ciphers, Configuring MACs, Configuring KEXs, Configuring Host Key Signature Algorithms, Configuring Public Key Signature Algorithms, Restricting User Logins , sshd2_config, Default sshd2_config Configuration File
sshd2_config keyword
AddressFamily, Configuration File
AllowAgentForwarding, Agent Forwarding, Configuration File
AllowedAuthentications, User Authentication with Passwords , Enabling Public-Key Authentication, Certificates Stored in File, Certificates Stored in SAF, Certificates Stored in File, Certificates Stored in SAF, Configuration File
AllowGroups, Configuration File
AllowHosts, Configuration File
AllowSHosts, Optional Configuration Settings, Configuration File
AllowTcpForwarding, Configuration File
AllowTcpForwardingForGroups, Configuration File
AllowTcpForwardingForUsers, Configuration File
AllowUsers, Configuration File
AuthHostbased.Cert.Required, Certificates Stored in File, Certificates Stored in SAF, Configuration File
AuthHostbased.Cert.ValidationMethods, Certificates Stored in SAF, Configuration File
AuthInteractiveFailureTimeout, Configuration File
AuthKbdInt.FailureTimeout, User Authentication with Keyboard-Interactive
AuthKbdInt.NumOptional, User Authentication with Keyboard-Interactive, Configuration File
AuthKbdInt.Optional, User Authentication with Keyboard-Interactive, Configuration File
AuthKbdInt.Plugin, Configuration File
AuthKbdInt.Required, User Authentication with Keyboard-Interactive, Configuration File
AuthKbdInt.Retries, Configuration File
AuthorizationEkInitStringMapper, Configuration File
AuthorizationEkInitStringMapperTimeout, Configuration File
AuthorizationEkProvider, Certificates Stored in SAF, Configuration File
AuthorizationFile, Configuration File
AuthorizedKeysFile, Using Keys Generated with OpenSSH, Configuration File
AuthPassword.ChangePlugin, Configuration File
AuthPublicKey.Algorithms, Configuration File
AuthPublicKey.Cert.Required, Certificates Stored in File, Certificates Stored in SAF, Configuration File
AuthPublicKey.Cert.ValidationMethods, Certificates Stored in SAF, Configuration File
AuthPublicKey.MaxSize, Configuration File
AuthPublicKey.MinSize, Configuration File
BannerMessageFile, Configuration File
CertdListenerPath, Configuration File
CheckMail, Configuration File
ChRootGroups, Configuration File
ChRootUsers, Configuration File
Ciphers, Configuration File
DenyGroups, Configuration File
DenyHosts, Configuration File
DenySHosts, Optional Configuration Settings, Configuration File
DenyTcpForwardingForGroups, Configuration File
DenyTcpForwardingForUsers, Configuration File
DenyUsers, Configuration File
DisableVersionFallback, Configuration File
ExternalAuthorizationProgram, Configuration File
ForwardACL, Configuration File
ForwardAgent, Configuration File
HostbasedAuthForceClientHostnameDNSMatch, Traditional Public Keys Stored in File, Optional Configuration Settings, Configuration File
HostCertificateFile, Certificates Stored in File, Certificates Stored in File, Configuration File
HostIdMappingHostnames, Certificates Stored in SAF, Configuration File
HostKey.Cert.Required, Certificates Stored in File, Certificates Stored in SAF, Configuration File
HostKeyAlgorithms, Configuration File
HostKeyEkInitString, Certificates Stored in SAF, Configuration File
HostKeyEkProvider, Certificates Stored in SAF, Configuration File
HostKeyFile, Defining Server Host Key, Certificates Stored in File, Certificates Stored in File, Configuration File
HostSpecificConfig, Configuration File
IdentityDispatchUsers, Configuration File
IdleTimeOut, Configuration File
IgnoreRhosts, Optional Configuration Settings, Configuration File
IgnoreRootRhosts, Configuration File
KeepAlive, Configuration File
KEXs, Configuration File
KnownHostsEkProvider, Configuration File
ListenAddress, Configuration File
ListenerRetryInterval, Configuration File
LoadControl.Active, Configuration File
LoadControl.DiscardLimit, Configuration File
LoadControl.WhitelistSize, Configuration File
LoginGraceTime, Configuration File
MACs, Configuration File
MaxBroadcastsPerSecond, Configuration File
MaxConnections, Configuration File
NoDelay, Configuration File
PasswdPath, Configuration File
PasswordGuesses, Configuration File
PermitEmptyPasswords, Configuration File
PermitRootLogin, Configuration File
PidFile, Configuration File
Port, Configuration File
PrintMotd, Configuration File
ProxyServer, Configuration File
PublicHostKeyFile, Configuration File
QuietMode, Configuration File
RandomSeedFile, Configuration File
RekeyIntervalSeconds, Configuration File
RequiredAuthentications, Configuration File
RequireReverseMapping, Configuration File
ResolveClientHostName, Configuration File
SettableEnvironmentVars, Configuration File
SftpSmfType, Configuration File
SftpSysLogFacility, Configuration File
ShellAccountCodeset, Configuring Terminal Data Conversion, Configuration File
ShellAccountLineDelimiter, Configuring Terminal Data Conversion, Configuration File
ShellConvert, Configuring Terminal Data Conversion, Configuration File
ShellTransferCodeset, Configuring Terminal Data Conversion, Configuration File
ShellTransferLineDelimiter, Configuring Terminal Data Conversion, Configuration File
ShellTranslateTable, Configuring Terminal Data Conversion, Configuration File
SocksServer, Configuration File
StrictModes, Configuration File
StrictModes.UserDirMaskBits, Configuration File
Subsystem-<subsystem name>, Defining Subsystems, Handling Prematurely Ending File Transfers , Controlling Staging during File Transfers , Configuration File
SysLogFacility, Configuration File
Terminal.AllowGroups, Configuration File
Terminal.AllowUsers, Configuration File
Terminal.DenyGroups, Configuration File
Terminal.DenyUsers, Configuration File
UseCryptoHardware, Configuration File
UserConfigDirectory, Configuration File
UserKnownHosts, Traditional Public Keys Stored in File, Configuration File
UserSpecificConfig, Configuration File
UseSocks5, Configuration File
VerboseMode, Configuration File
WTORoutingCodes, Configuration File
sshd2_subconfig, sshd2_subconfig
options, Options
SSHENV, Environment Variables for Server and Client Applications
sshg3, Terminology
sshregex, sshregex
sshsetenv, Environment Variables for Server and Client Applications
SSHSP user, creating, Creating the SSHSP User
ssh_certd_config, Server Configuration Files, Restricting User Logins , ssh_certd_config, Default ssh_certd_config Configuration File
ssh_certd_config keyword
Cert.DODPKI, Configuration File
CertCacheFile, Configuration File
CrlAutoUpdate, Configuration File
CrlPrefetch, Configuration File
ExternalMapper, Configuration File
ExternalMapperTimeout, Configuration File
HostCA, Certificates Stored in File, Configuration File
HostCAEkProvider, Configuration File
HostCAEkProviderNoCRLs, Configuration File
HostCANoCRLs, Configuration File
LDAPServers, Certificates Stored in File
LdapServers, Configuration File
MapFile, Certificates Stored in File, Configuration File
OCSPResponderURL, Configuration File
PidFile, Configuration File
Pki, Certificates Stored in File, Configuration File
PkiDisableCrls, Configuration File
PkiEkProvider, Certificates Stored in SAF, Configuration File
QuietMode, Configuration File
RandomSeedFile, Configuration File
SocksServer, Certificates Stored in File, Configuration File
SysLogFacility, Configuration File
UseSocks5, Configuration File
UseSSHD2ConfigFile, Configuration File
VerboseMode, Configuration File
WTORoutingCodes, Configuration File
ssh_channel_request_env, Session Channels
SSH_FXP_CLOSE, SFTP
SSH_FXP_EXTENDED, SFTP
SSH_FXP_FSETSTAT, SFTP
SSH_FXP_FSTAT, SFTP
SSH_FXP_INIT, SFTP
SSH_FXP_LSTAT, SFTP
SSH_FXP_MKDIR, SFTP
SSH_FXP_OPEN, SFTP
SSH_FXP_OPENDIR, SFTP
SSH_FXP_READDIR, SFTP
SSH_FXP_READLINK, SFTP
SSH_FXP_REALPATH, SFTP
SSH_FXP_REMOVE, SFTP
SSH_FXP_RENAME, SFTP
SSH_FXP_RMDIR, SFTP
SSH_FXP_SETSTAT, SFTP
SSH_FXP_STAT, SFTP
SSH_FXP_SYMLINK, SFTP
SSH_MVS_CONSOLE, Running SOCKS Proxy
SSH_SFT_PSEUDOVOLUME_VOLSERS, Restoring Archived Data Sets
staging, Controlling Staging during File Transfers
starting the server, Starting the Server
starting the SOCKS Proxy, Starting ssh-socks-proxy Manually under USS
stop, Console Messages
stopping the Certificate Validator, Stopping the Certificate Validator
stopping the server, Stopping the Server
stopping the SOCKS Proxy, Stopping ssh-socks-proxy
storing remote host keys, Storing Remote Server Host Keys
strict-host-key-checking, Notifying the Users of the Host Key Change
StrictModes, Configuration File, User Authentication - Host-Based
StrictModes.UserDirMaskBits, Configuration File
subconfigurations, Defining Subconfigurations
Subject, Certificate User Mapping File
SubjectRegex, Certificate User Mapping File
subsystem, Defining Subsystems
Subsystem-<subsystem name>, Configuration File
subsystem-sftp, Enabling the SFTP Subsystem, Handling Prematurely Ending File Transfers , Controlling Staging during File Transfers
support, Customer Support
symmetric encryption, Configuring Ciphers
syslog, Auditing, Logging, File Transfer Server Log Messages with Wrong Timestamps
SysLogFacility, Configuration File
system configuration, Configuring the Server
system limits and requirements, System Limits and Requirements
system log, Logging
System Management Facilities (SMF), SMF Auditing
system requirements, System Requirements

T

task started, Console Messages
TCP wrappers, General Server Log Messages
technical support, Customer Support
Tectia client tools for z/OS, Terminology
Tectia Server for IBM z/OS, Terminology
Tectia SSH Assistant, Terminology
generating product installation jobs, Generating Product Installation Jobs
installation settings, Installation Settings and Defaults
installing, Installing the Tectia SSH Assistant ISPF Application
menu structure, Installing the Tectia SSH Assistant ISPF Application
running product installation jobs, Running the Product Installation Jobs
terminal data conversion, Configuring Terminal Data Conversion
Terminal.AllowGroups, Configuration File
Terminal.AllowUsers, Configuration File
Terminal.DenyGroups, Disabling Terminal Access , Configuration File
Terminal.DenyUsers, Disabling Terminal Access , Configuration File
terminology, Terminology
timestamp, File Transfer Server Log Messages with Wrong Timestamps
TN3270, Tunneling TN3270
trace level, Setting the Debug Level in ISPF
transparent FTP tunneling, Secure File Transfer Using Transparent FTP Security
transparent TCP tunneling, Tunneling TN3270
troubleshooting, Troubleshooting Tectia Server for IBM z/OS
tunneling, Tunneling
access control, Restrictions to Tunneling
agent, Agent Forwarding
local, Local Tunnels
remote, Remote Tunnels
TN3270, Tunneling TN3270
transparent FTP, Secure File Transfer Using Transparent FTP Security
tunneling log messages, Port Forwarding
tunnels
local (outgoing), Local Tunnels
remote (incoming), Remote Tunnels
TZ, File Transfer Server Log Messages with Wrong Timestamps

U

ultimately restricted shell, ssh-dummy-shell
unrecognized command, Console Messages
unrecognized command option, Console Messages
upgrading Tectia Server for IBM z/OS, Upgrading from Tectia Server for IBM z/OS Version 6.x
uploading installation files, Uploading Files Required for Installation
UseCryptoHardware, Cryptographic Hardware Support, Configuration File
user authentication
host-based, Host-Based User Authentication , Certificates Stored in File, Server Configuration, Certificates Stored in File, Certificates Stored in SAF
with certificates, User Authentication with Certificates
with Keyboard-Interactive, User Authentication with Keyboard-Interactive
with password, Using Password Authentication, User Authentication with Passwords
with public key, Using Public-Key Authentication, User Authentication with Public Keys in File, Enabling Public-Key Authentication
with SAF keys, Certificates Stored in SAF
user authentication log messages, User Authentication - Common , User Authentication - Host-Based , User Authentication - Keyboard-Interactive Password, User Authentication - Keyboard-Interactive, User Authentication - Password , User Authentication - Public Key
user authentication methods, Authentication
user login, restricting, Restricting User Logins
user name, Restricting User Logins
user requirements, Before Installation
user restrictions, Restricting User Logins
UserConfigDirectory, Configuration File
UserKnownHosts, Traditional Public Keys Stored in File, Configuration File
UserSpecificConfig, User-Specific Subconfiguration, Configuration File
UseSocks5, Configuration File

V

VerboseMode, Configuration File
version, Console Messages
Certificate Validator, Querying the Certificate Validator Version
server, Querying the Server Version
version control information
branch, Console Messages
revision, Console Messages
virtual storage limit, Auxiliary Storage Shortage
volume serial number, Restoring Archived Data Sets

W

well-known port, Tunneling
white list, Load Control
Workload Manager (WLM), System Limits and Requirements
WTORoutingCodes, Configuration File, Configuration File