search cancel

FOTS3214 EDC5139I Failed Password errors for SSH/SFTP using Top Secret ACID and password

book

Article ID: 255333

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

When trying to logon to SFTP with SSH using only a Top Secret ACID and password, the following errors are seen:

Port of Entry information retained for uid:0  pid:123456789.
Failed password for user from xxx.xxx.xxx.xxx port xxxxx ssh2
Connection closed by authenticating user user xxx.xxx.xxx.xxx port xxxxx [preauth]
error: FOTS3214 cleanup_exit: kill(3400): EDC5139I Operation not permitted. (errno2=0x0D100114)

The user's password is correct. Why are these errors occurring?

 

 

Environment

Release : 16.0

Resolution

Verify the OMVS UID for the user and sshd_config file settings. IBM made a change to the default SSH config files for z/OS 2.4. The summary of changes for OpenSSH z/OS Version 2 Release 4 (V2R4) states:

Root login using a password is no longer enabled by default.

The parameter this effects is PermitRootLogin. If PermitRootLogin is set to NO in sshd_config, then UID 0 users won't be able to login by using a password. The options are to either use a non-UID 0 user or change the config file to specify YES for this parameter and recycle the OpenSSH address space.

Additional Information

IBM Summary of changes for z/OS Version 2 Release 4 (V2R4) and its updates: https://www.ibm.com/docs/en/zos/2.4.0?topic=sc-summary-changes-zos-version-2-release-4-v2r4-its-updates