Index

Symbols

$HOME/.ssh2, Client Configuration Files
/opt/tectia/etc, Client Configuration Files

A

accounts, local, User Authentication with Public Keys in a File

active mode FTP, Tunneling FTP in Active Mode

advice string, Advice String

agent forwarding, Secure Shell Tunneling, The default-settings Element

application tunneling, Secure Shell Tunneling

audit messages, Audit Messages

authentication, Authentication, User Authentication with Public Keys in a File

certificate, Server Authentication with Certificates, User Authentication with Certificates

host-based, Host-Based User Authentication

keyboard-interactive, User Authentication with Keyboard-Interactive

PAM, User Authentication with Keyboard-Interactive

password, Using Password Authentication, User Authentication with Passwords, User Authentication with Keyboard-Interactive

public-key

server, Authenticating Remote Server Hosts, Server Authentication with Public Keys in File
user, Using Public-Key Authentication, User Authentication with Public Keys in a File, Using Public-Key Authentication from Other Hosts to z/OS

RADIUS, User Authentication with Keyboard-Interactive

SAF, CA Certificates Stored in SAF, Server Certificates Stored in SAF, Certificates Stored in SAF

SecurID, User Authentication with Keyboard-Interactive

authentication methods, Authentication, The default-settings Element

authority info access, Server Authentication with Certificates

authorization file, Files

authorized_keys directory, Files

authorized_keys file, Files

B

basic configuration, Configuring Client Tools, Connection Broker and SOCKS Proxy Configuration Files

C

C-API, Component Terminology

CA certificate, The general Element

case-sensitivity, Case-Sensitivity of HFS and MVS Names, Filename Support, Filename Support

certificate authentication

server, Server Authentication with Certificates, The general Element
user, User Authentication with Certificates

certificate revocation list (CRL), CA Certificates Stored in SAF

disabling, CA Certificates Stored in File, The general Element
distribution point, Server Authentication with Certificates
prefetching, The general Element

certificate viewer, ssh-certview-g3

certificates

enrolling, Certificates Stored in File
revoked, Server Authentication with Certificates
validating, The general Element

certification authority (CA), Server Authentication with Certificates, The general Element

certification, FIPS 140-2, The general Element

CertKey, Certificates Stored in File

channel, Secure Shell Tunneling

characters, valid, Filename Support, Filename Support

checkpoint-restart, Enhanced File Transfer Functions, Commands

checksum, The default-settings Element

ciphers, The default-settings Element

client configuration, Configuring Client Tools

client tools, Configuring Client Tools

clients

CMP enrollment, ssh-cmpclient-g3
scpg3, scpg3
sftpg3, sftpg3
sshg3, sshg3

CMP enrollment client, ssh-cmpclient-g3

codepage, Setting up Terminal Data Conversion

command-line options, Command-Line Options

command-line tools, Command-Line Tools

components, Product Components

compression, The default-settings Element

configuration files, Client Configuration Files, Connection Broker and SOCKS Proxy Configuration Files

syntax, Broker Configuration File Syntax

Connection Broker, Running Connection Broker, Configuring Client Tools, Connection Broker and SOCKS Proxy Configuration Files

debugging, Starting Connection Broker in Debug Mode
reconfiguring, Reconfiguring ssh-broker-g3
starting, Starting ssh-broker-g3 Manually under USS
stopping, Stopping ssh-broker-g3

connection profiles, The profiles Element

controlling file transfer, Controlling File Transfer, Alternate Methods for Controlling File Transfer

CRL (certificate revocation list)

disabling, CA Certificates Stored in File, The general Element
distribution point, Server Authentication with Certificates
prefetching, The general Element

cryptographic library, The general Element

customer support, Customer Support

D

data conversion, Setting up Terminal Data Conversion

data set access, Data Set and HFS File System Access, Data Set and HFS File System Access

DD cards, Data Set Access Using DD Cards

debugging

Connection Broker, Starting Connection Broker in Debug Mode

default domain, The general Element

Diffie-Hellman key exchange, Server Authentication with Public Keys in File, Server Authentication with Certificates

digital signature, User Authentication with Public Keys in a File

direct access storage device (DASD), Accessing Migrated Data Sets

disabling CRL, CA Certificates Stored in File, The general Element

distributing keys, Distributing Public Keys Using the Key Distribution Tool

DNS rule, The filter-engine Element

Document Type Definition (DTD), Broker Configuration File Syntax

documentation, About This Document

documentation conventions, Documentation Conventions

DoD PKI, The general Element

domain user account, Special Considerations with Windows Servers

dynamic tunnels, SOCKS Tunneling

E

editing configuration files, Editing the Configuration Files

egrep, Egrep Syntax

character sets, Character Sets For Egrep
escaped tokens, Escaped Tokens for Regex Syntax Egrep
patterns, Egrep Patterns

end-point identity check, The general Element

enrolling user certificate, Certificates Stored in File

Entrust keys, Key Store Configuration Examples

environment variables, Environment Variables for Client Applications, Environment Variables

file transfer clients, File Transfer Environment Variables for the Clients
file transfer server, File Transfer Environment Variables for the Server
scpg3, Environment Variables
sftpg3, Environment Variables
ssh-broker-config.xml, Environment Variables
ssh-broker-ctl, Environment Variables
ssh-broker-g3, Environment Variables
ssh-keyfetch, Environment Variables
ssh-keygen-g3, Environment Variables
ssh-sft-stage, Environment Variables
ssh-translation-table, Environment Variables
sshg3, Environment Variables

error situations, Solving Problem Situations

escape sequences, sshg3, Escape Sequences

event log, The logging Element

exclusive-connection, The default-settings Element

exit values

scpg3, Exit Values
sftpg3, Exit Values
sshg3, Exit Values

expired CRL, The general Element

external key viewer, ssh-ekview-g3

F

fallback to plaintext FTP

command-line option, The filter-engine Element
in configuration file, The filter-engine Element

Federal Information Processing Standard (FIPS), The general Element

file access permissions, The general Element

file transfer, Secure File Transfer Using SFTP, Using scpg3, Using sftpg3, sftpg3

controlling, Controlling File Transfer, Alternate Methods for Controlling File Transfer

file transfer home, Setting the File Transfer Home Location, Setting the File Transfer Home Location

filename characters, Filename Support, Filename Support

filename support, Filename Support, Filename Support

filter, The filter-engine Element

filter engine, Connection Broker Files, The filter-engine Element

fingerprint, Server Authentication with Public Keys in File, Options

FIPS 140-2 certification, The general Element

firewall, CA Certificates Stored in File, CA Certificates Stored in SAF

forwarding

agent, Secure Shell Tunneling, The default-settings Element
local, Local Tunnels
remote, Remote Tunnels
X11, Secure Shell Tunneling, The default-settings Element

FTP active mode, Tunneling FTP in Active Mode

FTP commands, Native z/OS FTP commands versus Tectia SFTP commands

FTP passive mode, Tunneling FTP in Passive Mode

G

Generation Data Group (GDG), Accessing Generation Data Groups (GDG), Accessing Generation Data Groups (GDG)
Generation Data Set (GDS), Accessing Generation Data Groups (GDG), Accessing Generation Data Groups (GDG)
getting started with Tectia client tools, Getting Started
glob patterns, Command Interpretation

H

hashed host key format, Host Key Storage Formats

Hexl, Options

HFS files, Handling MVS Data Sets and HFS File System Access, Case-Sensitivity of HFS and MVS Names, Handling MVS Data Sets and HFS File System Access, Case-Sensitivity of HFS and MVS Names

HFS Root, Accessing HFS Root

home directory, Setting the File Transfer Home Location, Setting the File Transfer Home Location

host key, Resolving Hashed Host Keys

checking, The default-settings Element
directory, Files
hashed format, Host Key Storage Formats
public, Server Authentication with Public Keys in File
resolving, Resolving Hashed Host Keys

host-based authentication, Host-Based User Authentication

hostkeys directory, Files

HTTP proxy URL, The general Element

HTTP repository, Server Authentication with Certificates

notation

path, Filename Support, Filename Support

O

OCSP responders, The general Element
Online Certificate Status Protocol (OCSP), Server Authentication with Certificates
OpenSSH authorized_keys file, Files
OpenSSH keys, Using Keys Generated with OpenSSH, From OpenSSH Client on Unix to Tectia Server on z/OS, Key Store Configuration Examples
OpenSSH known_hosts file, The general Element, Files
outgoing tunnels, Local Tunnels

P

PAM authentication, User Authentication with Keyboard-Interactive

passive mode FTP, Tunneling FTP in Passive Mode

passphrase, Creating Keys with ssh-keygen-g3 on z/OS

password

stored in a data set, Password Stored in a File or Data Set
stored in a file, Password Stored in a File or Data Set

password authentication, Using Password Authentication, User Authentication with Passwords, User Authentication with Keyboard-Interactive

path notation, Filename Support, Filename Support

pattern syntax, Egrep Patterns

PEM encoding, Options

permissions, User Authentication with Public Keys in a File

PKCS #11 keys, Key Store Configuration Examples

PKCS #11 token, Certificates Stored in File

PKCS #12, Key Store Configuration Examples

PKCS #7, Key Store Configuration Examples

PKCS #7 package, CA Certificates Stored in File

Pluggable Authentication Module (PAM), User Authentication with Keyboard-Interactive

port forwarding, Secure Shell Tunneling

local, Local Tunnels
remote, Remote Tunnels
restricting, Secure Shell Tunneling

private key

user, Creating Keys with ssh-keygen-g3 on z/OS, Certificates Stored in File

problem situations, Solving Problem Situations

proxy rules, The default-settings Element

pseudo-volume, Restoring Archived Data Sets

public key

host, Server Authentication with Public Keys in File
user, Creating Keys with ssh-keygen-g3 on z/OS

public-key authentication, User Authentication with Public Keys in a File

server, Authenticating Remote Server Hosts, Server Authentication with Public Keys in File
user, Using Public-Key Authentication, User Authentication with Public Keys in a File, Using Public-Key Authentication from Other Hosts to z/OS

R

RADIUS authentication, User Authentication with Keyboard-Interactive

random_seed file, Files

reconfiguring the Connection Broker, Reconfiguring ssh-broker-g3

regular expressions (regex)

in filenames, Filename Support, Filename Support
syntax, Egrep Syntax

rekey interval, The default-settings Element

related documents, About This Document

remote administration, System Administration

remote environment, The default-settings Element

remote port forwarding, Remote Tunnels

remote tunnels, Remote Tunnels

restoring archived data sets, Restoring Archived Data Sets

return values

scpg3, Exit Values
sftpg3, Exit Values
sshg3, Exit Values

revoked certificate, Server Authentication with Certificates

RFC 4253, Options

RFC 4716, Options

rule, The filter-engine Element

running client programs, Running Client Programs

S

SAF authentication

server, CA Certificates Stored in SAF, Server Certificates Stored in SAF, Key Store Configuration Examples
user, Certificates Stored in SAF, Key Store Configuration Examples

sample files, Unattended File Transfers

SAMPLIB, Unattended File Transfers

SCEP client, ssh-scepclient-g3

scpg3, Running Client Programs, Using scpg3, scpg3

environment variables, Environment Variables
exit values, Exit Values
options, Options

secure application connectivity, Secure Shell Tunneling

secure copy (SCP), Using scpg3, scpg3

secure file transfer, Secure File Transfer Using SFTP

Secure File Transfer Protocol (SFTP), Using sftpg3, sftpg3

Secure Shell client, Accessing z/OS Hosts Running Tectia Server for IBM z/OS

Secure Shell version 2, sshg3

secure system administration, System Administration

SecurID authentication, User Authentication with Keyboard-Interactive

server authentication

with certificates, Server Authentication with Certificates
with public key, Server Authentication with Public Keys in File
with SAF keys, CA Certificates Stored in SAF, Server Certificates Stored in SAF

server certificate, Server Authentication with Certificates

SFTP

checkpoint, Enhanced File Transfer Functions, Commands
commands, Native z/OS FTP commands versus Tectia SFTP commands
streaming, Enhanced File Transfer Functions, Commands
tape data sets, SFTP and Tape Data Sets

sftpg3, Running Client Programs, Using sftpg3, sftpg3

commands, Commands
environment variables, Environment Variables
exit values, Exit Values
options, Options
startup batch file, Description, Environment Variables

smart card, Certificates Stored in File

SOCKS Proxy, Configuring Client Tools, Connection Broker and SOCKS Proxy Configuration Files

SOCKS server, SOCKS Tunneling

SOCKS server URL, The general Element

ssh-broker-config.xml, Client Configuration Files, Configuration File

ssh-broker-ctl, Running Connection Broker, ssh-broker-ctl

commands, Commands
environment variables, Environment Variables
options, Options

ssh-broker-g3, Running Connection Broker, ssh-broker-g3

environment variables, Environment Variables
options, Options

ssh-certview-g3, ssh-certview-g3

ssh-cmpclient-g3, ssh-cmpclient-g3

commands, Commands
examples, Examples
options, Options

ssh-ekview-g3, ssh-ekview-g3

ssh-keydist-g3, Distributing Public Keys Using the Key Distribution Tool, ssh-keydist-g3

ssh-keyfetch, ssh-keyfetch

environment variables, Environment Variables
examples, Examples
options, Options

ssh-keygen-g3, Using Public-Key Authentication, CA Certificates Stored in File, Creating Keys with ssh-keygen-g3 on z/OS, ssh-keygen-g3

environment variables, Environment Variables
examples, Examples
options, Options

ssh-scepclient-g3, ssh-scepclient-g3

commands, Commands
examples, Examples
options, Options

ssh-sft-stage, ssh-sft-stage

environment variables, Environment Variables
options, Options

ssh-socks-proxy, ssh-broker-g3

ssh-socks-proxy-config.xml, Client Configuration Files, Configuration File

ssh-socks-proxy-ctl, Synopsis

ssh-translation-table, ssh-translation-table

environment variables, Environment Variables
options, Options

ssh-troubleshoot, ssh-troubleshoot

commands, Commands
options, Options

SSH2, sshg3

SSH2 keys, Key Store Configuration Examples

SSHBRKR, Running ssh-broker-g3 as a Started Task

SSHENV, Environment Variables for Client Applications

sshg3, Running Client Programs, sshg3

commands, Commands
environment variables, Environment Variables
escape sequences, Escape Sequences
exit values, Exit Values
options, Options

sshsetenv, Environment Variables for Client Applications

ssh_ftadv_config, Client Configuration Files

ssh_known_hosts file, Files

ssh_sftp_batch_file, Description, Environment Variables

STAGE, Staging

staging, Staging

starting the Connection Broker, Starting ssh-broker-g3 Manually under USS

stopping the Connection Broker, Stopping ssh-broker-g3

streaming, Enhanced File Transfer Functions, Commands

strict host key checking, The default-settings Element

support, Customer Support

system administration, System Administration

system configuration, Connection Broker and SOCKS Proxy Configuration Files

system log, The logging Element

T

tape data sets

SFTP, SFTP and Tape Data Sets

TCP connection

keepalive, The default-settings Element
timeout, The default-settings Element

technical support, Customer Support

Tectia Client, Component Terminology

Tectia Client components, Product Components

Tectia ConnectSecure, Component Terminology

Tectia Server, Component Terminology

Tectia Server Configuration tool, Component Terminology

Tectia Server for IBM z/OS, Component Terminology

Tectia Server for Linux on IBM System z, Component Terminology

terminology, Component Terminology

ticket forwarding, The default-settings Element

timeout, TCP connection, The default-settings Element

translation table, ssh-translation-table

troubleshooting, Troubleshooting Tectia

tunneling, Secure Shell Tunneling

applications, SOCKS Tunneling
IPv6, Secure Shell Tunneling
restricting, Secure Shell Tunneling
X11, Secure Shell Tunneling, The default-settings Element

tunnels, Secure Shell Tunneling

local (outgoing), Local Tunnels
remote (incoming), Remote Tunnels

U

uploading public keys, Uploading Public Keys from z/OS to Remote Host

user account

domain, Special Considerations with Windows Servers
local, User Authentication with Public Keys in a File

user authentication

host-based, Host-Based User Authentication
with certificates, User Authentication with Certificates
with keyboard-interactive, User Authentication with Keyboard-Interactive
with password, Using Password Authentication, User Authentication with Passwords
with public key, Using Public-Key Authentication, User Authentication with Public Keys in a File, Using Public-Key Authentication from Other Hosts to z/OS
with SAF keys, Certificates Stored in SAF

user certificate, enrolling, Certificates Stored in File

user configuration directory, The general Element

user identity, The profiles Element

user key, Uploading Public Keys from z/OS to Remote Host

user-config-directory, The general Element

using secure copy, Using scpg3

using secure file transfer, Using sftpg3

USS, Under USS

USS home directory, Setting the File Transfer Home Location, Setting the File Transfer Home Location

V

valid characters, Filename Support, Filename Support
volume serial number, Restoring Archived Data Sets

W

wildcard, Using Wildcards, Command Interpretation, Filename Support

X

X.509 certificates, CA Certificates Stored in File, Certificates Stored in File, Key Store Configuration Examples

X11 forwarding, Secure Shell Tunneling, The default-settings Element

XML attribute

allow-relay, The profiles Element, The static-tunnels Element
allow-ticket-forwarding, The default-settings Element
data, The profiles Element
default-domain, The general Element
disable-crls, The general Element
dll-path, The default-settings Element
end-point-identity-check, The general Element
fallback-to-plain, The filter-engine Element
file, The profiles Element
gateway-profile, The profiles Element
hash, The profiles Element
http-proxy-url, The general Element
id, The profiles Element
identity-file, The profiles Element
socks-server-url, The general Element
use-expired-crls, The general Element

XML element

accept-unknown-host-keys, The general Element
address-family, The default-settings Element
auth-gssapi, The default-settings Element
auth-hostbased, The default-settings Element
auth-keyboard-interactive, The default-settings Element
auth-password, The default-settings Element
auth-publickey, The default-settings Element
auth-server-certificate, The default-settings Element
auth-server-publickey, The default-settings Element
authentication-method, The default-settings Element
authentication-methods, The default-settings Element, The profiles Element
authentication-success-message, The default-settings Element
ca-certificate, The general Element
cert-validation, The general Element
checksum, The default-settings Element
cipher, The default-settings Element
ciphers, The default-settings Element, The profiles Element
close-window-on-disconnect, The default-settings Element
compression, The default-settings Element, The profiles Element
crl-prefetch, The general Element
crypto-lib, The general Element
default-settings, The default-settings Element
dns, The filter-engine Element
dod-pki, The general Element
environment, The default-settings Element
exclusive-connection, The default-settings Element, The profiles Element
file-access-control, The general Element
filter, The filter-engine Element
filter-engine, The filter-engine Element
forward, The default-settings Element
forwards, The default-settings Element, The profiles Element
general, The general Element
host-key-always-ask, The general Element
hostbased-default-domain, The default-settings Element
hostkey, The profiles Element
hostkey-algorithm, The default-settings Element
hostkey-algorithms, The default-settings Element, The profiles Element
identification, The general Element
identity, The profiles Element
idle-timeout, The default-settings Element, The profiles Element
issuer-name, The default-settings Element
keepalive-interval, The default-settings Element, The profiles Element
kex, The default-settings Element
kexs, The default-settings Element, The profiles Element
key-selection, The default-settings Element
key-store, The general Element
key-stores, The general Element
known-hosts, The general Element
ldap-server, The general Element
local-hostname, The default-settings Element
local-tunnel, The profiles Element
log-events, The logging Element
log-target, The logging Element
logging, The logging Element
mac, The default-settings Element
macs, The default-settings Element, The profiles Element
network, The filter-engine Element
ocsp-responder, The general Element
password, The profiles Element
profile, The profiles Element
profiles, The profiles Element
protocol-parameters, The general Element
proxy, The default-settings Element, The profiles Element
public-key, The default-settings Element
quiet-mode, The default-settings Element
rekey, The default-settings Element, The profiles Element
remote-environment, The default-settings Element, The profiles Element
remote-tunnel, The profiles Element
rule, The filter-engine Element
server-authentication-methods, The profiles Element
server-banners, The default-settings Element, The profiles Element
sftpg3-mode, The default-settings Element
static-tunnels, The static-tunnels Element
strict-host-key-checking, The general Element
tcp-connect-timeout, The default-settings Element, The profiles Element
terminal-bell, The default-settings Element
terminal-selection, The default-settings Element
tunnel, The static-tunnels Element
tunnels, The profiles Element
user-config-directory, The general Element
user-identities, The profiles Element
user-keys, The general Element

Index

Symbols

A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

R

S

T

U

V

W

X