.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
iSeries / AS400 OpenSSH and SFTP troubleshooting information for RSA Security Analytics
Issue
iSeries / AS400 OpenSSH and SFTP Troubleshooting.Usually customers are able to resolve most issues after learning how OpenSSH and SFTP work on their systems. The following information in the URLs below can help tremendously to resolve the SFTP issues.
Resolution
- http://www.redbooks.ibm.com/abstracts/redp4163.html?Open
- This URL contains a link to a PDF that has pretty much all of the information a customer would need to get started with SFTP on the iSeries.
- http://www-304.ibm.com/partnerworld/wps/servlet/ContentHandler/pw_com_porting_tools_openssh
- Take a look at the ‘Hints and Tips for using OpenSSH’ section. It describes the requirements, including free licensing from IBM, for using SFTP with I5/OS V5R4, v6.1, and v7.*.
- http://www-01.ibm.com/support/docview.wss?uid=nas8N1015378
- The place where most customers get hung up is setting permissions and authority levels for directories and files. That information is contained in the PDF, but it is not so easy to find. The following URL should be useful to the customers. We will be adding this information to our iSeries SCOL docs.
In addition to the URLs, there are other issues that involve the SA server sshd_config file like:
- Using a ‘Match’ directive for non-standard user ID (if the customer is not using the ‘upload’ user ID).
- Verifying that the path in the AuthorizedKeysFile directive is the actual location of the ‘authorized_keys’ file on the SA server:
- AuthorizedKeysFile ~/.ssh/authorized_keys
- Verifying that the PasswordAuthentication directive is ‘no’ for the user ID:
- PasswordAuthentication no <--- This directive might have been changed in a Match directive block.
Product Details
RSA Product Set: Security AnalyticsPlatform: CentOS
Platform (Other): iSeries / AS400 OpenSSH, SFTP
Approval Reviewer Queue
ASOC Approval Group