Dave wrote:
> On Mar 6, 6:12 pm, Henry <snogfest_hosebe...@yahoo.com> wrote:
>> On Mar 7, 7:48 am, Dave <davehk...@gmail.com> wrote:
>>
>>> Is there an alternative way for the user still able to use SSH to
>>> login to AIX with RLOGIN=false?
>>> Also for the user able to use SFTP with RLOGIN=false?
>> what are you wanting to achieve ?
>> Good idea having rlogin=false but it does restrict access "a bit"
>
> I am trying to help with the SFTP from MainFrame to AIX.
> I thought the newer version of OpenSSH (4.3.x) is able to allow the
> user use SSH clinet with RLOGIN=false.

If I'm understanding the question correctly, and from my experiences
with ssh on AIX to date, ssh access and inetd services access (such as
login, rlogin, rsh, etc...) are 2 different things. ssh access is
controlled by /path/to/sshd_config (ssh server config) and
/path/to/ssh_config (client access config). So, "rlogin=false" should
not have anything to do with sftp, scp, ssh operations.

To see what "inetd" services are active (and this is specific to AIX,
not ssh) run lssrc -ls inetd (or see what is uncommented in
/etc/inetd.conf). To see whether a user can login (console), rlogin
(remote access via telnet), lsuser -a login rlogin username

Hope that helps...

Pete
p.s. Don't forget to "refresh -s inetd" if any services are changed or
stopsrc -s sshd && startsrc -s sshd to refresh sshd if any of its
configuration has been changed...P