IBM Mainframe Forum Index
 
Log In
 
IBM Mainframe Forum Index Mainframe: Search IBM Mainframe Forum: FAQ Register
 

SSHD - Ported tools


IBM Mainframe Forums -> All Other Mainframe Topics
Post new topic   Reply to topic
View previous topic :: View next topic  
Author Message
vasanthz

Global Moderator


Joined: 28 Aug 2007
Posts: 1742
Location: Tirupur, India

PostPosted: Tue Jul 11, 2017 6:17 am
Reply with quote

Hi,

I am trying to configure SSHD on Mainframe using dovetail.com/docs/pt-quick-inst-12/pt-quick-inst-12-doc.pdf

I started the SSHD daemon using /S SSHD
It started many processes like SSHD1, 2, 3, 4 etc.. Currenlty I have only one process active called SSHD5 on the SDSF "PS" screen.
Code:

SDSF PROCESS DISPLAY  SYSTEMA  ALL                      INVALID COMMAND       
COMMAND INPUT ===>                                            SCROLL ===> CSR 
PREFIX=SSH*  DEST=(ALL)  OWNER=*  SYSNAME=                                     
NP   JOBNAME  JobID    Status                           Owner    State CPU-Time
     SSHD5    STC00100 SWAPPED,FILE SYS KERNEL WAIT     USERID  1FI       0.03

When I try to connect to port 22 using Putty "putty userid@host" it says "Network Error: Software caused connection abort"

Could you please let me know where we can find the error messages pertaining to this connection attempt? and how to proceed with debugging

Below is the SSHD proc
Code:
//SSHD    PROC                                       
//        EXEC PGM=BPXBATCH,REGION=0M,TIME=NOLIMIT, 
//            PARM='PGM /bin/sh -c /etc/ssh/sshd.sh'
//STDERR  DD  SYSOUT=*


Regards,
Vasanth.S
Back to top
View user's profile Send private message
Robert Sample

Global Moderator


Joined: 06 Jun 2008
Posts: 8696
Location: Dubuque, Iowa, USA

PostPosted: Tue Jul 11, 2017 8:22 am
Reply with quote

Did you look in /tmp/syslogd.log (or whatever you called syslogd)? Section 1.13 of the manual you linked in your post talks about setting up syslogd for SSHD. It also explicitly states that SSHD does not write to the console if syslogd is not available.
Back to top
View user's profile Send private message
vasanthz

Global Moderator


Joined: 28 Aug 2007
Posts: 1742
Location: Tirupur, India

PostPosted: Wed Jul 12, 2017 1:25 am
Reply with quote

Thanks Robert, Even on the slimmed down installation I cut corners by not paying attention to SYSLOGD part. This is sort of a proof of concept install and not the actual production install.
I don't know what SYSLOGD is, I'll look it up and see if we have it setup.
Back to top
View user's profile Send private message
Robert Sample

Global Moderator


Joined: 06 Jun 2008
Posts: 8696
Location: Dubuque, Iowa, USA

PostPosted: Wed Jul 12, 2017 2:10 am
Reply with quote

syslogd is the syslog daemon for Unix System Services. See the IP Configuration Guide manual in the Communications Server bookshelf for details on how to configure it. For a quick check, look at /etc/syslog.conf to see if this file exists; if not, then syslogd is either not running or running entirely with defaults (which is rarely good). If it is not there, copy over /usr/lpp/tcpip/samples/syslog.conf and customize it to your site.
Back to top
View user's profile Send private message
vasanthz

Global Moderator


Joined: 28 Aug 2007
Posts: 1742
Location: Tirupur, India

PostPosted: Wed Jul 12, 2017 2:24 am
Reply with quote

Thanks for the help again Robert, the suggestion about SYSLOGD helped resolving the issue.

SYSLOGD was not running. I changed the SYSLOGD proc and started it.
It throws in a lot of messages on the SYSLOG, but it appears to work for now. Need to find a way to limit the number of messages it writes.

There was an error whenever I tried to connect using Putty on the syslog,
Code:
ICH408I USER(SSHXX ) GROUP(XXXX   ) NAME(SSHD PRIVILEGE SEPAR) 453
  LOGON/JOB INITIATION - REVOKED USER ACCESS ATTEMPT

Resumed the ID and now we are good to go. SSH works! :-)

I feel like I have awoken Frankenstein :-)

Regards,
Vasanth.S
Back to top
View user's profile Send private message
Robert Sample

Global Moderator


Joined: 06 Jun 2008
Posts: 8696
Location: Dubuque, Iowa, USA

PostPosted: Wed Jul 12, 2017 2:59 am
Reply with quote

I'm glad you have it working now!

It is pretty common to have syslogd output to the /tmp/ directory; you can determine how big it gets by putting a mount point on /tmp/ for sizing. Pagent puts out some status messages every so often; z/OSMF (IIRC) put out a ton of start up messages; omproute and CFZCIM and snmpagent all put messages into syslogd but I don't think they typically put out a lot of messages. A 10-megabyte /tmp/ works for us; we IPLed our production LPAR on June 17th and a month (almost) later syslogd is 1.7 megabytes so we can run about 5 months or so without issues; I don't recall if we've set up archiving in the syslog.conf file or not.
Back to top
View user's profile Send private message
View previous topic :: :: View next topic  
Post new topic   Reply to topic View Bookmarks
All times are GMT + 6 Hours
Forum Index -> All Other Mainframe Topics

 


Similar Topics
Topic Forum Replies
No new posts Products/Tools to Optimize Adabas Dat... Compuware & Other Tools 2
No new posts Can I use Tableau/PowerBI kind data a... All Other Mainframe Topics 2
No new posts Do we have any Modern tools to replac... Compuware & Other Tools 4
No new posts Task initiating SSHD All Other Mainframe Topics 1
No new posts Get the List of Users Using PD Tools IBM Tools 2
Search our Forums:

Back to Top