If you use cozsftp -k and the specified keyring:label is not found, you will get an error message but it will fall back and use the default ~/.ssh/id_rsa private key
Kirk Wolf Dovetailed Technologies http://dovetail.com On Wed, Nov 14, 2012 at 7:14 AM, Mark Jacobs <mark.jac...@custserv.com>wrote: > IBM has confirmed that it isn't working as the documentation suggests. > They're going to have further discussions amongst themselves and most > likely will open up an APAR against Ported Tools. > > Mark Jacobs > > > > On 11/07/12 09:16, Mark Jacobs wrote: > >> Yes, I'm sure that the private key works. >> >> I'll take a look into the -k option, and I did open up a SR with IBM this >> morning. >> >> Thanks again. >> >> Mark Jacobs >> >> On 11/07/12 09:09, Kirk Wolf wrote: >> >>> Are you sure that if you don't specify IdentityKeyRingLabel for this test >>> that the file private key works? >>> >>> If so, then this would seem to be a defect, since the the documentation ( >>> see ssh command, -i option) says: >>> ... >>> To sum it up, the order that identities are tried are as follows: >>> 1. Identities in the agent. >>> 2. The key ring certificates on the command-line option >>> 3. Key ring certificates specified in a zos_user_ssh_config file >>> 4. Identity files on the command-line option, and then >>> 5. Identity files specified in an ssh_config configuration file. >>> ... >>> >>> If there is indeed a bug, you could use Co:Z SFTP's -k option. >>> This is an alternative way of supporting SAF Keyrings, but we use an ssh >>> key agent with Ported Tools ssh. Our support predated IBM's key ring >>> support, but we kept it since it has some significant advantages : >>> >>> - private keys can be kept in PKDS (hardware) >>> - ICSF and co-processor are used for RSA algorithms >>> - the syntax is easier, and supports default labels >>> >>> Kirk Wolf >>> Dovetailed Technologies >>> http://dovetail.com >>> >>> > -- > Mark Jacobs > Time Customer Service > Tampa, FL > ---- > > The quiet ones are the ones that change the universe... > The loud ones only take the credit. > > Londo Mollari - Babylon 5 > > ------------------------------**------------------------------**---------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
