I think you may be running up against a SERVAUTH or NETACCESS resource class setup.
Any security violations? Rob Schramm Senior Systems Consultant Imperium Group On Wed, Oct 10, 2012 at 3:41 PM, Donald J. <[email protected]> wrote: > I am testing an SSHD server on a new z/OS 1.12 system. > The connections are failing with following messages on the client side: > debug1: Remote protocol version 2.0, remote software version > OpenSSH_5.0. > debug1: match: OpenSSH_5.0 pat OpenSSH*. > debug1: Enabling compatibility mode for protocol 2.0. > debug1: Local version string SSH-2.0-OpenSSH_5.0. > debug2: fd 4 setting O_NONBLOCK. > debug3: RNG is ready, skipping seeding. > debug1: SSH2_MSG_KEXINIT sent. > debug3: __catgets: NLS setup complete (1), using message catalog > openssh.cat. > FOTS1930 Read from socket failed: EDC8121I Connection reset.. > > The SSHD server error messages are: > debug1: Client protocol version 2.0; client software version > PuTTY_Release_0.62 > debug1: no match: PuTTY_Release_0.62 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_5.0 > debug2: fd 3 setting O_NONBLOCK > debug2: Network child is on pid 50331751 > debug3: Current IBM Release level: 22 > debug3: MLS: seclabel of AS: uid:0 pid:67108965 > debug3: MLS: peer socket: rc:0 t:0 seclabel: terminal:C0A8143D > poe_profile: > Port of Entry information retained for uid:0 pid:67108965. > debug3: MLS: seclabel of AS: uid:0 pid:67108965 > debug3: MLS: peer socket: rc:0 t:0 seclabel: terminal:C0A8143D > poe_profile: > debug3: MLS: /var/empty: rc:0 t:1 seclabel: terminal: poe_profile: > debug3: preauth child monitor started > debug3: mm_request_receive entering > debug1: do_cleanup > > The configuration worked fine on z/OS 1.11. The 1.12 SFTP client works > fine. > The error messages seem to indicate an MLS port of entry issue. I have > tried both > userid/password logins and publickey connections. > PublickeyAuthentication and > UseLogin are yes. I also tried connecting with client on same LPAR as > server, so > it is not a firewall or network issue. > > > > -- > http://www.fastmail.fm - Access all of your messages and folders > wherever you are > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
