I am trying to integrate a new RHEL 8 server into our OID environment. The application that will be hosted on it requires SSH access but does not use SFTP, and so in a previous security audit, this was flagged as an unnecessary service. As such, our standard practice is to comment out the line:
Subsystem sftp /usr/libexec/openssh/sftp-server
found in the /etc/ssh/sshd_config file. However, when I try to add this system to OID via the Unix Connector, I am met with the message:
[System.Exception] Could not open SUGI session for X.X.X.X: Could not open SFTP connection to host: Failed to establish SFTP connection (error code is 103)
If I remove the comment on the line in the config file, then OID connects successfully. When using Putty, I can SSH to the target server without issue and run the needed commands to perform user management functions without SFTP enabled. What functions is OID performing on the target RHEL system that it requires SFTP to be enabled? I need to provide our security team with a reason for having this service enabled, and on the surface I'm not finding one.
