A case diagnosis and solution of DB2 error code 1639 and SQL state 08001 is described in detail

In the db2inst1/sqllib/security directory, check the permissions of the db2ckpw and db2chpw files.
A friend raised a problem with DB2 on Mars. After the initial installation and deployment, there was no problem with the local connection, but the remote could not connect to the database:

Error message: Error Code -1639, SQL State: 08001 :
There are several possibilities for this error, such as the firewall is not open for 50000 ports, but in this case, the client has closed the firewall and the port is accessible.
Another correlation issue is permissions, which are checked for db2ckpw and db2chpw files in the db2inst1/sqllib/security directory:

Change the major of these two files to root, change the permission to 4511, restart the database, the database can accept remote access:

Chown root db2chpw Chown root db2ckpw chmod 4511 db2chpw chmod 4511 db2ckpw

To summarize: the purpose of db2ckpw is to check the user id and password on the DB2 server. Because DB2 relies on operating system-level authentication, this process is used to verify the user id and password when a user or application connects to a database on the server. AUTHENTICATION is performed when AUTHENTICATION is set to SERVER, or when a connection is established from an insecure operating system. Verifying permissions requires checking the passwd file, and CKPW, as the name implies, means checking Password file, which is why the tool must be run as root and must be guaranteed if a remote connection is needed.
The following paragraph is clear:

db2ckpwd is the password checking daemon that deals with user authentication. This process is used to confirm that the id exists and has a right to be on the box. If the process if not a root process, only local connections will be allowed to the database because the id is already on the box. To make the OS API calls necessary to determine if the user has the right to be on the box, DB2’s db2ckpwd must run as root. If it is not started as root, it will not have Permissions to make the API calls, and it will return an SQL 30082 rc=24 error. Also since the db2ckpwd must su to root, in order to run as root, the db2ckpw file will need to have the su bit set, And the file system must be mounted so that su ‘ing is allowed.

DB2 creates the connection as follows:
Records are for reference.

Not enough after reading this article?The 2019 Data Technology Carnival is here! The charm of sharing data with you. Join now and enjoy the very low fares:

Read More: