General Page
Flash System firmware 8.7.0.0 disabled old TLS ciphers and algorithms, and Jsch does not support the new ones.
The Toolkit uses the Jsch implementation of SSH to programmatically communicate with Flash Systems and HMCs. However, as Jsch is no longer maintained, it does not support new ciphers and algorithms. Starting with firmware 8.7.0.0, Flash System requires the use of TLS v1.3, resulting in the Toolkit's inability to communicate with the Flash Systems newer firmware.
In version 5.2 the Toolkit has switched to use REST API's to bypass this issue, with the exception of RUNSVCCMD. Thus, controlling LPARs on 4.6 or users of RUNSVCCMD at 5.2, must install a fork of Jsch which supports TLS v1.3.
Note the following:
- The Jsch fork is open-source software
- It is not created, owned or reviewed by IBM
- You must do your own due diligence when using this software
Further information about the Jsch fork is here: https://github.com/mwiede/jsch
*Nothing needs to be downloaded from the previous link.
The bytecode (.jar) file is here: https://repo1.maven.org/maven2/com/github/mwiede/jsch/
As of the writing of this document, testing was done with jsch-0.2.18.jar
To use the jar file:
- Upload the file to /QIBM/Qzrdhasm/ssh on the controllers
- Rename the existing jsch-0.1.55.jar to something else
QSH CMD('mv /QIBM/Qzrdhasm/ssh/jsch-0.1.55.jar /QIBM/Qzrdhasm/ssh/jsch-0.1.55-orig.jar') - Copy the new fork to the old 1.55 name:
QSH CMD('cp /QIBM/Qzrdhasm/ssh/jsch-0.2.18.jar /QIBM/Qzrdhasm/ssh/jsch-0.1.55.jar') - Run CHKCSE or CHKFSFLASH.
NOTE: Prior instructions involved modifying the JSCH symbolic link, but SETUPFSFC and SETUPFSR will recreate the symbolic link to point to jsch-0.1.55.jar.
[{"Type":"MASTER","Line of Business":{"code":"LOB68","label":"Power HW"},"Business Unit":{"code":"BU070","label":"IBM Infrastructure"},"Product":{"code":"SWG60","label":"IBM i"},"ARM Category":[{"code":"a8m0z000000cxy9AAA","label":"High Availability-\u003EFull System Flash Copy"}],"ARM Case Number":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
28 July 2025
UID
ibm17165103