On Fri, 16 Oct 2020 09:27:07 -0400, Kurt Quackenbush wrote: > >> On 10/15/2020 8:36 PM, Wendell Lovewell wrote: >>> Is it possible to code a proc that would invoke SFTP to transfer a >>> file to or from a non-z/OS ftp server using only that server's public >>> key and a userid/password combination like you would use for FTP or FTPS? >> >> Yes it is possible. Check out the SSH_ASKPASS and DISPLAY environment >> variables. Here's a job snippet that should get you going in the right >> direction. > In almost any case there's the administrative requirement of configuring the server to recognize the client's user's credentials: password, certificate, public key, ...
The exception is for unrestricted access, as with anonymous FTP. Is there anonymous SFTP? Publish the private key or password? >//********************************************************************* >//* Create the ssh_askpass script. When called, this script echoes//* >the password to the caller. It is used for obtaining the password >//* "interactively" when running sftp in the UNIX >shell//********************************************************************* >//ASKPASS EXEC PGM=IEBGENER >//SYSPRINT DD SYSOUT=* >//SYSIN DD DUMMY >//SYSUT2 DD PATHOPTS=(OWRONLY,OCREAT,OTRUNC), >// PATHMODE=SIRWXU,FILEDATA=TEXT, >// PATH='/tgtWorkDir/Tttttttt/sftp.pw.sh' >//SYSUT1 DD * echo 'password' >/* Stashing a password in a JCL member? But with proper access rules this is comparable to a suitably protected ~userID/.ssh/. Does SFTP require that each directory in the path from "/" be suitably protected? -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
