Setting up SSH Access to IBM i

This is mainly for my reference as I do this operation so few times I can hardly ever remember how to do it. Linux set up is by far a lot easier as most of it is done for you by default (Plus it does not use bsh).

This is being carried out an a fresh 7.4 install so no existing Open Source is installed. I also neglected to install 5733SC1 so no Open Source SSL etc. This is needed for the TCP *SSHD Server.

So First installed the 5733SC1 LPP, it can be found on the GROUP_04 image. No configuration required just install and when it completes run the STRTCPSVR *SSHD and it should start up automatically. (TCP is a prerequisite but I assume no one ever runs IBM i without TCP/IP these days.)

Now we want to install the Open Source base, IBM has done a fantastic job of providing a very nice interface in ACS to accomplish this task. If you have to do this manually its going to be a long day… So install ACS and use the interface. Start up ACS Client Solutions, select the system you are going to work with and then from the top menu select tools:Open Source Package Management. This will bring up a new dialog box where you will be prompted to insert your sign on information, if SSHD is not running it fails here, so make sure its running. Once you are signed in you will be prompted to install the base Open Source Packages. Just hit yes and follow the prompts to install it all. This only installs packages IBM has deemed necessary for other things to work and yum is a very important part of that.

Once everything is installed you want to update everything to the latest level. We had some issues because we had not set up the *DFTROUTE to our router even though the DNS had been set up. Once we set that up it gave us a list of updates that we could install. Once done we are now going to install one additional package, we always use nano as our editor of choice so we installed it selecting it from the list of available packages (3rd tab has a list of packages which are available but not installed, as we said IBM just installs some base packages).

We use putty for accessing the IBM i through the SSHD server, when it connects you will always be connected to the bsh shell, its useless and needs to be changed immediately. Our preferred shell is bash which is installed by IBM as one of the base packages but is not set as the default shell. Also the path to the Open Source packages is not set so when you try to connect to nano it cannot find it. So the are a couple of changes you need to make to the environment to get things up and running.

First we want to force our shell to be bash, to do this we need to create a file in the home directory for the profile we will use to connect with in our case its CHRISH so the home directory in the profile is set to /home/CHRISH (you need to make sure that it is set in the profile (WRKUSRPRF/CHGUSRPRF). The 5250 EDTF option to create the file will give you lots of headaches because it willbe created with CCSID of you job and the content will be the same (EBCDIC) so when bash tries to read it is sees garbage characters it cannot understand. This is where nano comes in and the bash shell.

First execute the bash shell, remember the path is not set up yet so we need to fully qualify the path to the shell. Enter the following in the putty session you just started.

/QOpenSys/pkgs/bin/bash

Now we have a much better shell, but doing this everytime is going to be a real problem! So we will create a file in the home directory to force this shell every time we sign in via the putty session. You can simply echo the content to the file using echo but we want to use nano, if we get it wrong we can correct very easily :-). Run the following command to start the nano editor in the putty session. (you should replace CHRISH with your correct profile setting, it can also be a lowercase name such as chrish as long as that is defined as such in the home directory of the profile)

/QOpenSys/pkgs/bin/nano /home/CHRISH/.profile

You will need to enter the following text into the file which will execute the bash shell on sign in.

exec /QOpenSys/pkgs/bin/bash

Save the file (Ctl X and press Y to store in the file). Next we need to set the path so we are not constantly needing to fully qualify the path to the binary. This is done through another file .bashrc.

/QOpenSys/pkgs/bin/nano /home/CHRISH/.bashrc

This is where we can set environment variables for the bash shell, we are interested in setting the PATH so we added the following.

export PATH=/QOpenSys/pkgs/bin:$PATH

This will set the path to point to the Open Source packages (I believe IBM will only ever place packages in the directory now?) so we can use them. Now all you need to do is close the existing putty session and start a new one. You can check everything is set up by the following.

  • Once signed in you will see bash-x.x$ as the prompt. bsh will only show $ unless you have set the PS1 variable in another script.
  • echo $PATH will show the /QOpenSys/pkgs/bin as the first section in the statement.

That’s it, now to get down to some more Opens Source testing.

Chris…