Securing Communications with OpenSSH on IBM i5/OS
A draft IBM Redpaper publication
Note: This is publication is now archived. For reference only.
The OpenSSH open source product is widely used to securely access command line shells remotely. Secure Shell (SSH) tunneling or port forwarding capabilities allow users to establish a secure link for data traffic that otherwise flows in the clear over communication links. Additional utilities, such as scp and sftp, provide secure file transfer services. On the IBM System i platform, OpenSSH is shipped as part of the license program option IBM Portable Utilities for i5/OS and is available for systems that run V5R3 and later.
This IBM Redpaper introduces you to the OpenSSH implementation and the included utilities in IBM i5/OS. It teaches you how to use SSH in i5/OS as a server (daemon) and as a client. It explains how you can set up public key authentication for better protection during authentication.
In addition, this paper discusses the configuration for port forwarding from i5/OS as well as from Microsoft Windows. It also explains how you can use SSH to control a dynamic logical partitioning (DLPAR) environment. Plus it explores how SSH can be used from i5/OS to control Hardware Management Console (HMC) tasks, such as dynamic resource allocation.
The purpose of this Redpaper is to show you how to set up and use OpenSSH in an i5/OS environment, not to cover all capabilities provided with OpenSSH. For a complete list of functions and online help, visit the OpenSSH Web site at the following address:
Chapter 1. Introduction to OpenSSH for i5/OS
Chapter 2. Setting up and running the sshd daemon
Chapter 3. Establishing an SSH session
Chapter 4. File transfer and public key authentication with OpenSSH
Chapter 5. Protecting traffic with SSH tunnels
Chapter 6. Using SSH to control your HMC