Description

sshd (OpenSSH daemon) is the daemon program for ssh. Together, these programs are an alternative to rlogin and rsh and provide encrypted communications between two untrusted hosts over an insecure network.

sshd listens for connections from clients. It is typically started when z/OS® UNIX is initialized. (See For system administrators for more information about starting sshd.) It forks a new daemon for each incoming connection. The forked daemons handle key exchange, encryption, authentication, command execution, and data exchange. This implementation of sshd supports both SSH protocol versions 1 and 2 simultaneously. The default sshd configuration only runs protocol version 2

OpenSSH can be configured to collect SMF login failure records for sshd as well as server transfer completion records that are associated with "internal-sftp". See Steps for setting up the system to collect OpenSSH SMF records for more information. See SMF Type 119 records for OpenSSH for more information about the SMF login failure records (subtype 98) and server transfer completion records (subtype 96).

OpenSSH can be set up to use ICSF to implement certain sshd ciphers and MAC algorithms. This extension enables sshd to use hardware support when applicable. See Setting up OpenSSH to use ICSF cryptographic operations for more information.

OpenSSH can be set up to run in FIPS mode. This extension enables sshd to comply with FIPS 140-2 mode when applicable. See Setting up OpenSSH to run in FIPS mode for more information. OpenSSH can be set up to use ICSF to implement certain ssh Key Exchange algorithms. See Setting up OpenSSH to use ICSF cryptographic operations for more information.