Yes, I know, but one of my goals in this effort is to make the migration
process transparent to the users. Requiring them to change existing
working processes is a non-starter.
Mark Jacobs
On 11/14/12 11:16, Kirk Wolf wrote:
If you use cozsftp -k and the specified keyring:label is not found, you
will get an error message but it will fall back and use the default
~/.ssh/id_rsa private key
Kirk Wolf
Dovetailed Technologies
http://dovetail.com
On Wed, Nov 14, 2012 at 7:14 AM, Mark Jacobs<mark.jac...@custserv.com>wrote:
IBM has confirmed that it isn't working as the documentation suggests.
They're going to have further discussions amongst themselves and most
likely will open up an APAR against Ported Tools.
Mark Jacobs
On 11/07/12 09:16, Mark Jacobs wrote:
Yes, I'm sure that the private key works.
I'll take a look into the -k option, and I did open up a SR with IBM this
morning.
Thanks again.
Mark Jacobs
On 11/07/12 09:09, Kirk Wolf wrote:
Are you sure that if you don't specify IdentityKeyRingLabel for this test
that the file private key works?
If so, then this would seem to be a defect, since the the documentation (
see ssh command, -i option) says:
...
To sum it up, the order that identities are tried are as follows:
1. Identities in the agent.
2. The key ring certificates on the command-line option
3. Key ring certificates specified in a zos_user_ssh_config file
4. Identity files on the command-line option, and then
5. Identity files specified in an ssh_config configuration file.
...
If there is indeed a bug, you could use Co:Z SFTP's -k option.
This is an alternative way of supporting SAF Keyrings, but we use an ssh
key agent with Ported Tools ssh. Our support predated IBM's key ring
support, but we kept it since it has some significant advantages :
- private keys can be kept in PKDS (hardware)
- ICSF and co-processor are used for RSA algorithms
- the syntax is easier, and supports default labels
Kirk Wolf
Dovetailed Technologies
http://dovetail.com
--
Mark Jacobs
Time Customer Service
Tampa, FL
----
The quiet ones are the ones that change the universe...
The loud ones only take the credit.
Londo Mollari - Babylon 5
------------------------------**------------------------------**----------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
--
Mark Jacobs
Time Customer Service
Tampa, FL
----
The quiet ones are the ones that change the universe...
The loud ones only take the credit.
Londo Mollari - Babylon 5
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
