Dovetail work well for me. A sample below: //add jobcard //SFTPPUT EXEC PROC=SFTPPROC //SFTPIN DD * host=sftp.ecurep.ibm.com pwdsn="&SYSUID.SFTP.JCL(IBMPASS)" user="yyyyyyyyyyyy" . $script_dir/sftp_connect.sh <<EOB cd toibm/mvs put '//&SYSUID.DUMP.zzzzzzzz.TRS' 'TSnnnnnnnnn.DUMP.zzzzzzzz.TRS' EOB
Works well with BMC too. Regards, Rajesh -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Wendell Lovewell Sent: Friday, October 16, 2020 5:10 PM To: [email protected] Subject: Re: Batch SFTP without client keys or USS files? Thanks Kurt! I did see Ed's presentation, but at the time it was a solution for which I didn't have a problem, so it stayed in the bit bucket. Unfortunately, even with your and Ed's expert help, I'm still stumped. I just don't seem to be able to get the "SSH_ASKPASS" to work, even after reading what literally seems to be everything on the Internet about it. (My 2 hour job's gone 2 days now...) Just a reminder: I'm going from a z/OS sftp client to a non-z/os ftp server where I can't store user keys. StrictHostKeyChecking=no is saving the non-z/OS server's keys in ~/.ssh/known_hosts, but I need to specify a userid/pwd to access the server. What I have is: // EXPORT SYMLIST=(*) // SET FROM=USER.DFDSS.XMI // SET TO=CUS12345.ESTFILE //* //SFTP EXEC PGM=BPXBATCH //STDENV DD * SSH_ASKPASS=/tmp/sftp.pw.sh DISPLAY=DISPLAY //* //STDPARM DD *,SYMBOLS=JCLONLY SH cd /tmp; echo cp -Bv "//'&FROM'" /tmp/&TO; cp -Bv "//'&FROM'" /tmp/&TO; echo "echo 'ftppwd'" > sftp.pw.sh; chmod 700 sftp.pw.sh; echo "cd /FTPDir" > sftp.cmds; echo "put /tmp/&TO &TO" >> sftp.cmds; echo "quit" >> sftp.cmds; chmod 600 sftp.cmds; echo '--------------------------------------------------------'; echo '-sftp.cmds contents:'; cat sftp.cmds; echo '--------------------------------------------------------'; echo '-sftp.pw.sh contents:'; cat sftp.pw.sh; echo '--------------------------------------------------------'; /bin/sftp -b sftp.cmds -oBatchMode=no -oPort=2222 -oPasswordAuthentication=yes -oPreferredAuthentications=password -oStrictHostKeyChecking=no -oHostbasedAuthentication=no -oCheckHostIP=no -oPubkeyAuthentication=no -oLogLevel=DEBUG2 -oUser=ftpuser ftp.ftpserver.com; rm sftp.pw.sh; rm sftp.cmds; rm &TO; //* //STDOUT DD SYSOUT=M //STDERR DD SYSOUT=M //* Maybe my STDENV isn't getting read, but I can't prove it. I'm getting: FOTS1373 [email protected]: Permission denied (publickey,keyboard-interactive,password). Here's the tail of my output w/DEBUG1: debug1: Host '[ftp.ftpserver.com]:2222' is known and matches the RSA host key. debug1: Found key in /.ssh/known_hosts:2 debug1: cipher_init: aes128-ctr from source CPACF, used in non-FIPS mode debug1: rekey after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: cipher_init: aes128-ctr from source CPACF, used in non-FIPS mode debug1: rekey after 4294967296 blocks debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive,password debug1: No more authentication methods to try. FOTS1373 [email protected]: Permission denied (publickey,keyboard-interactive,password). debug1: zsshSmfSetConnSmfStatus: SMF status is 0 Connection closed. FOTS0841 Connection closed Here's the head, showing the contents of my sftp.pw.sh and sftp.cmds files: cp -Bv //'USER.DFDSS.XMI' /tmp/CUS12345.ESTFILE USER.DFDSS.XMI -> /tmp/CUS12345.ESTFILE: binary -------------------------------------------------------- -sftp.cmds contents: cd /FTPDir put /tmp/CUS12345.ESTFILE CUS12345.ESTFILE quit -------------------------------------------------------- -sftp.pw.sh contents: echo 'ftppwd' -------------------------------------------------------- FSUM1012 The initial working directory was not specified. FSUM1006 A shell was not specified. Processing continues using the default shell name. stty: !FSUMB045 failed to get termios attributes: EDC5134I Function not implemented. debug1: Reading configuration data /etc/ssh/ssh_config debug1: zsshSmfSetConnSmfStatus: SMF status is 0 debug2: resolving "ftp.ftpserver.com" port 2222 debug2: ssh_connect_direct: needpriv 0 debug1: Connecting to ftp.ftpserver.com [192.208.58.102] port 2222. debug1: Connection established. ... My /etc/ssh/ssh_config only has an entry for Ciphers and MACS - I think that's what IBM ships. I don't have my own ~/.ssh/ssh_config. Anyone have any ideas? Thanks again, Wendell ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN The information contained in this e-mail, and any attachment, is confidential and is intended solely for the use of the intended recipient. Access, copying or re-use of the e-mail or any attachment, or any information contained therein, by any other person is not authorized. If you are not the intended recipient please return the e-mail to the sender and delete it from your computer. Although we attempt to sweep e-mail and attachments for viruses, we do not guarantee that either are virus-free and accept no liability for any damage sustained as a result of viruses. Please refer to https://disclaimer.bnymellon.com/eu.htm for certain disclosures relating to European legal entities. We take our data protection and privacy responsibilities seriously and our privacy notice explains how we collect, use and share personal information in the course of our business activities. It can be accessed at the privacy section of www.bnymellon.com. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
