z/OS OpenSSH
z/OS OpenSSH is a port of Open Source Software release OpenSSH 6.4p1 and provides secure encryption for both remote login and file transfer.
z/OS OpenSSH includes the following utilities:
- ssh, a z/OS® client program for logging into a z/OS shell. It can also be used to log into other platform's UNIX shells. It is an alternative to rlogin.
- scp for copying files between networks. It is an alternative to rcp.
- sftp for file transfers over an encrypted ssh transport. It is an interactive file transfer program similar to ftp.
- sshd, a daemon program for ssh that
listens for connections from clients. The z/OS OpenSSH implementation
of sshd supports both SSH protocol versions
1 and 2 simultaneously.
The default sshd configuration only runs protocol version 2.
Other basic utilities such as ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, ssh-keygen and sftp-server are also included.
To ensure secure encrypted communications, OpenSSH uses ciphers such as AES, Blowfish and 3DES.
z/OS OpenSSH provides
the following z/OS extensions:
- System Authorization Facility (SAF) key ring. z/OS OpenSSH can be configured to allow z/OS OpenSSH keys to be stored in SAF key rings.
- Multilevel security. It is a security policy that allows the classification of data and users based on a system of hierarchical security levels combined with a system of non-hierarchical security categories.
- System Management Facility (SMF). z/OS OpenSSH can be configured to collect SMF Type 119 records for both the client and the server.
- Hardware Crypto Support. OpenSSH can be configured to choose Integrated Cryptographic Service Facility (ICSF) callable service for implementing the applicable SSH session ciphers and HMACs.
