http://osr600doc.sco.com/en/man/html.TC/ftp.TC.html
Maybe there is something in the SCO ftp client that can be added to suppress the behavior... It looks like there might be a flag that can suppress this from the SCO side -A suppress automatic AUTH command on login for servers that do not support this feature (and the connection). Have they opened an issue with SCO or reviewed the ftp client documentation with you? It is probably worth exploring as it might be a quick fix. Bear in mind I know very little about KERBEROS or networking and next to nothing about SCO so I just Googled it... http://www.google.com/search?sourceid=navclient&ie=UTF-8&rls=GGLD,GGLD:2 005-10,GGLD:en&q=FTP+AUTH+KERBEROS%5FV5+command+before+the+USER+and+PASS Best Regards, Sam Knutson, GEICO Performance and Availability Management mailto:[EMAIL PROTECTED] (office) 301.986.3574 "Think big, act bold, start simple, grow fast..." -----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Perryman, Brian Sent: Thursday, November 10, 2005 7:28 AM To: [email protected] Subject: Secure z/OS 1.4 FTP server - quite urgent Hi folks We upgraded from OS/390 to z/OS 1.4 at the weekend. Since then, ONE of our 1100 FTP clients cannot get in. We have a third-party product that sits in front of our FTP server, providing additional RACF and other functionality. This product is failing the user's signon because they send in an FTP AUTH KERBEROS_V5 command before the USER and PASS combination, and the product cannot deal with this (The vendors are working on this as a matter of extreme urgency). But I need to know why this AUTH command is coming from the (SCO Unix V5) client. They say there's nothing on their command line switches or anything that would cause this. My FTPSDATA has everything SSL or security related - everything, I mean everything, I've been through the parms with the manual several times now - all turned off or defaults. It's a pure, raw, basic FTP server. Our customer that these FTP clients are sending files in for is a major UK bank and is starting to suggest that they will demand the upgrade to be backed out. If I can stop this AUTH command from being (solicited by us?) sent in, the problem with the third party product not recognising secure FTP will be less urgent. Anyone got any ideas? Anything? Please? HELP..! Cheers Brian <> ==================== This email/fax message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution of this email/fax is prohibited. If you are not the intended recipient, please destroy all paper and electronic copies of the original message. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
