IBM OpenSSH with compound in-band authentication
How you log in to IBM® OpenSSH with IBM MFA Compound In-Band enabled depends on the token type you are using. You must already have a valid pin.
IBM MFA SecurID
If the security administrator has enabled your account for IBM MFA, you no longer use your z/OS® password to log in. Instead, how you log in with IBM OpenSSH utilities depends on the type of token you have. See Types of token devices for the supported token types.
General guidelines
Observe the following guidelines:- It is a best practice to wait until the token code changes before attempting to log in.
- You can use the token code only once.
- If you receive an authentication failure, wait until the token code changes before attempting to log in again.