This article will explain the problems that may occur if trying to use the AllowFiles parameter in the Centrify sshd_config file on AIX machines.
Question:
On AIX machines, when trying to use the AllowFiles parameter in the /etc/centrifydc/ssh/sshd_config file, the Centrify-sshd service will not start. Why is this happening?
Answer:
AIX servers enforce SFTP permissions with AllowFiles, a parameter that is a unique implementation on the AIX operating system. Centrify's engineering team has confirmed the AllowFiles parameter is not supported with Centrify-OpenSSH as Centrify Direct Control agent is based on the open source OpenSSH standard.
Plans to add this feature in the future have not been decided on. An alternative would be to limit users via the Centrify supported method on AIX as described in KB-INT-5523: Configure SFTP chroot jail with Centrify-enabled users on AIX.