Debes tener instalado el LICPGM  5733SC1 (*BASE y OP.1).
Genera el almacén de claves en el SERVER: Aquí te va una viejo instructivo que 
use hace tiempo…espero te sirva.

1. CONFIGURATION REQUIRED IN SYSTEM (SOURCE). This will be a client connecting 
to SFTP server in AS/400.

1.1 Create server keys to prepare SFTP to run as a server (if necessary).

To run the sshd server on i5/OS:
·         The userid that starts the server must have *ALLOBJ special authority
·         The userid that starts the server must be 8 or fewer characters long
·         Before starting sshd for the first time, you will need to generate 
host keys:

ssh-keygen -t rsa1 -f 
/QOpenSys/QIBM/UserData/SC1/OpenSSH/openssh-3.5p1/etc/ssh_host_key -N ""

ssh-keygen -t dsa -f 
/QOpenSys/QIBM/UserData/SC1/OpenSSH/openssh-3.5p1/etc/ssh_host_dsa_key -N ""

ssh-keygen -t rsa -f 
/QOpenSys/QIBM/UserData/SC1/OpenSSH/openssh-3.5p1/etc/ssh_host_rsa_key -N ""

1.2 Prepare SFTP to run as a client.

Create the directory <user id> under /home directory.  <user id> is the user 
profile which will be used to generate the keys.
This user id must be a user profile with *SECADM and *ALLOBJ.

       crtdir ‘/home/<user id>’

Generate a public key by entering the following commands on the iSeries’s 
command line,

call qp2term
cd /home/<user id>
ssh-keygen -t rsa

Note that the directory  /.ssh is automatically created under /home/<user id> 
when the key is generated.

The public key will be created in IFS directory /home/<user id>/.ssh/ where 
<user id> is the user profile used to run the above commands.
The public key file name is created with name id_rsa.pub and hidden by the 
system for protection, therefore the file can only be accessed in the IFS 
through iSeries Navigator.

FTP the file id_rsa.pub to your PC and email it to administrator of SFTP Server.

2. CONFIGURATION REQUIRED IN SERVER SYSTEM (TARGET).

2.1 If this is the first time using the sftp server in the iSeries, then create 
the sftp server private and public keys.

2.2 Start sftp server
STRTCPSVR  SERVER(*SSHD)

2.3 Determine what user id will be used to connect to the target system. 
(UserID:  SA007 is used in this sample).
call qp2term

2.4 Create directory .ssh under /home/user-id and grant access
mkdir /home/sa007/.ssh
chmod 700 /home/sa007/.ssh
chmod 744 <directory user name>

then

chmod g+s <directory user name>

2.5 Change current directory and import public key into file of authorized_keys
cd /home/sa007/.ssh
cat /home/sa007/.ssh/id_rsa.pub >> authorized_keys

2.6 Set permissions on authorized_keys (write authorities removed)
chmod go-rwx authorized_keys

2.7 Verify permissions on authorized_keys
ls –l
       -rw-------   1 sa007    0                 0 Jun  2 10:12 authorized_keys

2.8 Display content of authorized_keys
cat authorized_keys

AAAAB3NzaC1yc2EAAAABIwAAAIEAyWzV80LWVGXDYihITec/pz+phWKRsTLMmwuJOHxDS
CzZkbo70yQh42pOPJHyZA5zFzynm3EqM+c3NtD6oPdbrKBX/1Lie7GXCmZpO+N1iHwv8iRoNiOyRL
z9kny8nMCpXQDiyKGtwaX83+pwm3rt/JxNxyx0HGqEQSLmanPNI68= sa...@server.xxx.yyy


3.  START SSH AGENT ON SOURCE SYSTEM AND PERFORM SFTP

3.1 Start ssh agent on the source system (to enable the system as sftp client)
ssh-agent $SHELL
ssh-add
       Identity added: /home/SA007/.ssh/id_rsa (/home/SA007/.ssh/id_rsa)

3.2 Retrieve public key from the target system
ssh <target system>

The authenticity of host 'i5osp2 (172.17.17.29)' can't be established.
. key fingerprint is RSA.
Are you sure you want to continue connecting (yes/no)?
Reply yes to this question.

> yes


Warning: Permanently added 'i5osp2,nnn.nnn.nnn.nnn’ (RSA) to the list of known 
hosts.
Sa007@SERVER password

3.3 Establish SFTP connection
sftp SERVER

3.4 Use sftp
put /QSYS.LIB/QGPL.LIB/TESTFILE.FILE  /QSYS.LIB/QGPL.LIB/TESTFILE.FILE


3.5 How to debug the connection (if necessary).
sftp -vvv   IP Server > /home/sa007/sftplog.txt 2>&1

The above command will dump the log of the sftp connection and authentication 
to the file /home/sa007/sftplog.txt.



Ignacio T.










IT
De: forum.help400-boun...@listas.combios.es 
[mailto:forum.help400-boun...@listas.combios.es] En nombre de 
marti.ri...@gmail.com
Enviado el: sábado, 08 de junio de 2019 3:29
Para: Forum.Help400 <forum.help400@listas.combios.es>
Asunto: Re: sftp AS400

Hola,
Si lo tiene pero hay que instalarlas, ahora mismo no recuerdo la opción a 
instalar.
Para saber si las tienes instalada
STRQSH CMD(sftp)
Saludos

Enviat amb GMail Android

El ds., 8 juny 2019, 04:36, Carlos C. 
<paipuk...@hotmail.com<mailto:paipuk...@hotmail.com>> va escriure:
Buenas noches
Alguien puede indicarme si el Sistema Operativo del Iseries trae incorporado el 
servicio SFTP para utlizar.

Estoy con FTP y me estan solicitando utilizar el SFTP.

Graccias por su ayuda.

Saludos

[https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif]<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Libre de virus. 
www.avast.com<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
____________________________________________________
Únete a Recursos AS400, nuestra Comunidad ( http://bit.ly/db68dd )
Forum.Help400 © Publicaciones Help400, S.L.

-----------------------------------------------------------------
Notice of Confidentiality: The information transmitted is intended only for the 
sender and person or entity to which it is addressed and may contain 
confidential and/or privileged material. Any review, e-transmission, 
dissemination or other use of, or taking of any action in reliance upon, this 
information by persons or entities other than the intended recipient is 
prohibited.
If you received this in error, please contact the sender immediately by return 
electronic transmission and then immediately delete this transmission, 
including all attachments, without copying, distributing or disclosing same.
------------------------------------------------------------------
Aviso de Confidencialidad: Este correo electrónico y/o el material adjunto es 
para uso exclusivo del emisor y la persona o entidad a la que expresamente se 
le ha enviado, y puede contener información confidencial o material 
privilegiado. Si usted no es el destinatario legítimo del mismo, por favor 
repórtelo inmediatamente al remitente del correo y bórrelo.
Cualquier revisión, retransmisión, difusión o cualquier otro uso de este 
correo, por personas o entidades distintas a las del destinatario legítimo, 
queda expresamente prohibido. Este correo electrónico no pretende ni debe ser 
considerado como constitutivo de ninguna relación legal, contractual o de otra 
índole similar.
____________________________________________________
Únete a Recursos AS400, nuestra Comunidad ( http://bit.ly/db68dd )
Forum.Help400 © Publicaciones Help400, S.L.

Responder a