Troubleshooting
Problem
For security purposes, how do I disable the SFTP daemon on a Netezza host?
Resolving The Problem
By default, the SFTP daemon is enabled on Netezza hosts.
1. Though it is the default setting, verify that the SFTP subsystem is enabled on the host. Run the following command:
grep sftp-server /etc/ssh/sshd_config
If SFTP is enabled, the Subsystem line displays without a pound sign ('#') prepended as shown below:
[root@host-1 ~]# grep sftp-server /etc/ssh/sshd_config
Subsystem sftp /usr/libexec/openssh/sftp-server
2. Login as root (or su to root from the current user).
3. To disable SFTP access, edit the file /etc/ssh/sshd_config, commenting out the Subsystem SFTP line by prepending a pound sign (#) to it.
Before
# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server
After
# override default of no subsystems
# Subsystem sftp /usr/libexec/openssh/sftp-server
4. After saving the changes to sshd_config made in Step 3, restart the SSH daemon, as follows:
[root@host-1 ~]# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
NOTE: If your configuration is in an HA setup, repeat this procedure on all hosts.
[{"Product":{"code":"SSULQD","label":"IBM PureData System"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":null,"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1.0.0","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Historical Number
NZ214929
Was this topic helpful?
Document Information
More support for:
IBM PureData System
Software version:
1.0.0
Document number:
462527
Modified date:
17 October 2019
UID
swg21570249