On Wed, 4 Feb 2015 23:33:13 -0500, Rob Schramm wrote: > >Where did the ASKPASS come from? > It appears to be a member of a PDS allocated to STDENV. (I trimmed the OP considerably to what I was commenting on.) Can you clarify/expand your question?
>On Wed, Feb 4, 2015 at 5:34 PM, Paul Gilmartin wrote: > >> On Wed, 4 Feb 2015 17:11:12 -0500, Mark Jacobs - Listserv wrote: >> >> >You should really, really use public key authentication instead of >> >user/passwords. >> > >> I suggested that initially. But now I think of one utility my >> employer supplies which requires user/password. The admins >> are shirking the chore of adding each entitled public key to >> the utility's .ssh directory. >> >> Process. If a user becomes disentitled, established process >> removes him from LDAP, and user/password is disabled. >> >> Of course that process should also lock the user's HOME directory, >> likewise disabling ssh/sftp. >> >> And, FWIW, ssh/sftp transfer the password *after* securing the >> connection. >> >> On 2015-02-04 15:08, Grinsell, Don wrote: >> > This is what I use: >> > //* >> > //STDENV DD DSN=USERID.TSOLIB.PDS(ASKPASS),DISP=SHR >> > ... >> > USERID.TSOLIB.PDS(ASKPASS) contains: >> SSH_ASKPASS=/u/systech/userid/.ssh/askpassrds.sh >> > >> Kinda circuitous. Why not simply code that value in an instream STDPARM? >> >> (But you might instead want the flexibility of: >> //STDENV DD DSN=&SYSUID.TSOLIB.PDS(ASKPASS),DISP=SHR >> ) >> >> -- gil >> >> ---------------------------------------------------------------------- >> For IBM-MAIN subscribe / signoff / archive access instructions, >> send email to [email protected] with the message: INFO IBM-MAIN >> > >---------------------------------------------------------------------- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
