Registry Services requirements

Registry Services has requirements in addition to the primary Registry Services requirements.

Registry Services application
AIX operating systemsLinux operating systemLinux on System z operating systemsWindows operating systems
  • Ensure that your localhost network address resolves to an IPV6 address if required. Edit the /etc/hosts file and uncomment the relevant line, for example: 
    ::1 localhost ipv6-localhost ipv6-loopback
    Also ensure that the file resolves to the canonical domain name and IP address for your host machines.
Registry Services database
Linux operating systemLinux on System z operating systemsEnsure that Open Secure Shell (OpenSSH) is set up and the sshd process is running. To set up OpenSSH, complete the following steps:
  1. On the database server on which DB2® is installed, uncomment the following entries in the ssh configuration files. 
    File: /etc/ssh/ssh_config 
  Port 22
  Protocol 2

File: /etc/ssh/sshd_config
  PermitRootLogin yes
  PasswordAuthentication no
  2. Set up public key-based authentication. Public key-based authentication enables a single user ID to log in as that same user ID on each host machine for the DB2 instance without being prompted for a password. Public key-based authentication must be enabled for the root ID to use passwordless SSH.

    If the user ID has a ~/.ssh directory, ensure that it does not allow group or other write access. Ensure that the home directory for the user does not allow group or other write access. SSH views this situation as a security exposure and if the directory permissions are not restrictive enough, it does not allow public key-based authentication.

    An existing ~/.ssh directory is not required as the ssh-keygen command creates this directory if it does not exist and sets up the appropriate access.

    From your ~/.ssh directory, generate a public key/private key pair: 
    $ ssh-keygen -t dsa

    When prompted for input, press Enter to accept the default value. Ensure that no passphrase is entered otherwise SSH challenges each authentication attempt and expects the same passphrase as a response from the user. However, DB2 does not allow remote shell utilities to prompt for additional verification. This action generates two new files in the ~/.ssh directory, id_dsa (the private key) and id_dsa.pub (the public key) for DSA encryption.

  3. You must generate the public key on each host machine for the DB2 instance and append the contents of each public key from each host to a single file called authorized_keys. Then, copy the authorized_keys file to the user's $HOME/.ssh directory on each host machine and run the chmod 644 authorized_keys command.
AIX operating systemsEnsure that the expect package is installed on the Jazz™ for Service Management database. The expect.base package is shipped as a file set on the installation media of the AIX® version 6.1.2 or later. You can also download the expect-5.42.1-4.aix6.1.ppc.rpm package from the tcltk directory on IBM® AIX Toolbox FTP site. To install the expect package, you must first install the rpm package manager, rpm.rte. You can download this package from the IBM AIX Toolbox download information page.
Parent topic: Windows operating systemsLinux operating systemHardware and software requirements
Related information:
Installing and setting up OpenSSH in the DB2 Version 10.1 for Linux, UNIX, and Windows Information Center