Overcome 8-character user profile limit in SSH for IBM i

By default, IBM i’s Secure Shell (SSH) rejects connection attempts from user profiles longer than eight (8) characters. When long user profiles are rejected, error messages will vary, but users of Zend Studio, for example, will see “Failed to connect sshd on “<some ip address>.”

Since IBM i release 6.1, IBM i has supported an SSH setting, ibmpaseforienv PASE_USRGRP_LIMITED=N, to permit user profiles longer than 8 characters. IBM i 7.2 brought improved support for this capability.

• IBM i 6.1 and 7.1 require a PTF and the new setting.
• IBM i 7.2 and higher require only the setting.

For details, see  Zend Support specialist Rod Flohr’s article about how to remove the 8-character limit on user profiles when connecting via SSH.

(Dec. 3, 2017) Update for IBM i 7.3 and beyond: The path of sshd_config remains /QOpenSys/QIBM/UserData/SC1/OpenSSH/etc, unchanged from the IBM i 7.2 path in Rod’s article.