I have a user that has worked in the past and is now receiving the following messages when attempting to connect to the CoZ:
sunittst:/home/sjgeisl>sftp -oPort=2222 sjgeisl@plexdev
Connecting to plexdev...
sjgeisl@plexdev's password:
Read from remote host plexdev: Connection reset by peer
Connection closed
The syslog daemon is reporting the following:
sshdÝ16843657¨: Failed none for sjgeisl from 156.36.30.189 port 42065 ssh2
sshdÝ16843657¨: debug3: mm_request_receive entering
sshdÝ16843657¨: debug3: monitor_read: checking request 10
sshdÝ16843657¨: debug3: mm_answer_authpassword: sending result 1
sshdÝ16843657¨: debug3: mm_request_send entering: type 11
sshdÝ16843657¨: debug3: auth_log: authenticated 1, valid 1, failures 0, max 6,
sshdÝ16843657¨: Accepted password for sjgeisl from 156.36.30.189 port 42065
sshdÝ16843657¨: debug1: monitor_child_preauth: sjgeisl has been authenticated
sshdÝ16843657¨: debug3: mm_get_keystate: Waiting for new keys
sshdÝ16843657¨: debug3: mm_request_receive_expect entering: type 24
sshdÝ16843657¨: debug3: mm_request_receive entering
sshdÝ16843657¨: debug3: mm_newkeys_from_blob: 2D096128(118)
sshdÝ16843657¨: debug1: mac_setup_by_id: hmac-md5 from source OpenSSL
sshdÝ16843657¨: debug2: mac_setup: found hmac-md5
sshdÝ16843657¨: debug3: mm_get_keystate: Waiting for second key
sshdÝ16843657¨: debug3: mm_newkeys_from_blob: 2D096128(118)
sshdÝ16843657¨: debug1: mac_setup_by_id: hmac-md5 from source OpenSSL
sshdÝ16843657¨: debug2: mac_setup: found hmac-md5
sshdÝ16843657¨: debug3: mm_get_keystate: Getting compression state
sshdÝ16843657¨: debug3: mm_get_keystate: Getting Network I/O buffers
sshdÝ16843657¨: debug2: User child is on pid 33620827
sshdÝ16843657¨: debug3: mm_request_receive entering
sshdÝ33620827¨: debug1: permanently_set_uid: 10000062/1
sshdÝ33620827¨: debug3: __catgets: NLS setup complete (1), using message
sshdÝ33620827¨: fatal: FOTS2046 setuid 10000062: EDC5164I SAF/RACF error.
sshdÝ33620827¨: debug1: do_cleanup
sshdÝ33620827¨: debug3: zsshCloseOldDev: fd=5
sshdÝ16843657¨: debug1: do_cleanup
sshdÝ16843657¨: debug3: zsshCloseOldDev: fd=-1
I'm wondering what would cause the fatal: FOTS2046 setuid 10000062: EDC5164I SAF/RACF error.
Any ideas?
Thanks
User receiving connection reset by peer when SFTPing
Re: User receiving connection reset by peer when SFTPing
This error is what is causing the problem:
fatal: FOTS2046 setuid 10000062: EDC5164I SAF/RACF error.
This message is coming from IBM Ported Tools SSHD, and this is occurring before Co:Z SFTP server is started for the session.
The message indicates that IBM Ported Tools SSHD got a EMVSSAF2ERR error from setuid().
This indicates that there was an error in the IRRSSU00 SAF call.
See:
http://pic.dhe.ibm.com/infocenter/zos/v ... stuidt.htm
Suggestions:
1) As recommended by IBM, please add this:
export _EDC_ADD_ERRNO2=1
in the proc that starts SSHD. This would causing the reason codes to be displayed in the error message above.
These should contain the return/reason code from IRRSSU00 (R_setuid).
2) Check for RACF errors in the system log or in the log for your security product
3) contact IBM for assistance - this is in IBM Ported Tools OpenSSH Before Co:Z SFTP server is invoked
fatal: FOTS2046 setuid 10000062: EDC5164I SAF/RACF error.
This message is coming from IBM Ported Tools SSHD, and this is occurring before Co:Z SFTP server is started for the session.
The message indicates that IBM Ported Tools SSHD got a EMVSSAF2ERR error from setuid().
This indicates that there was an error in the IRRSSU00 SAF call.
See:
http://pic.dhe.ibm.com/infocenter/zos/v ... stuidt.htm
Suggestions:
1) As recommended by IBM, please add this:
export _EDC_ADD_ERRNO2=1
in the proc that starts SSHD. This would causing the reason codes to be displayed in the error message above.
These should contain the return/reason code from IRRSSU00 (R_setuid).
2) Check for RACF errors in the system log or in the log for your security product
3) contact IBM for assistance - this is in IBM Ported Tools OpenSSH Before Co:Z SFTP server is invoked