I can get to it and download the files. That's with IE. Chrome doesn't do well with anonymous FTP on the corporate network. I didn't try a standard FTP client. At any rate, reply off list, and I would be happy to send the files to you, though they are not anywhere near as recent as 2018:
10/Aug/2011 00:00 7 KB keyxfer.readme.txt<ftp://ftp.software.ibm.com/s390/zos/tools/keyxfer/keyxfer.readme.txt> 02/Aug/2011 00:00 64.8 KB keyxfer.rexx<ftp://ftp.software.ibm.com/s390/zos/tools/keyxfer/keyxfer.rexx> 10/Aug/2011 00:00 64.8 KB keyxfer.rexx.txt<ftp://ftp.software.ibm.com/s390/zos/tools/keyxfer/keyxfer.rexx.txt> 02/Aug/2011 00:00 7 KB readme.txt<ftp://ftp.software.ibm.com/s390/zos/tools/keyxfer/readme.txt> First Horizon Bank Mainframe Technical Support -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Dave Jousma Sent: Monday, October 19, 2020 9:31 AM To: [email protected] Subject: IBM KEYXFER rexx [External Email. Exercise caution when clicking links or opening attachments.] All, Do any of you have a copy of IBM AS-IS utility “KEYXFER”? The copy I have is from 2006, was updated in 2018. IBM has moved all their stuff into GITHUB now, and the README is there, but not the REXX code. The code also used to live at ftp://ftp.software.ibm.com/s390/zos/tools/keyxfer/. I'm able to get to the site, but cant download anything. FYI, this utility is for exporting/importing PKDS keys out of ICSF. I do have a ticket open with IBM on this, but they seem to be dragging their feet trying to put it back out on GITHUB. If anyone has a copy, I’d appreciate someone sending it to me? For the curious, here is the readme keyxfer A Key Transfer Tool Introduction The key transfer tool (KEYXFER) is a REXX exec that runs on MVS. KEYXFER facilitates the transfer of PKDS or CKDS key tokens between systems that use the Integrated Cryptographic Services Facility (ICSF). The KEYXFER tool assumes the following: 1. ICSF is running on the systems involved in the key transfer 2. ICSF has an active Key Data Set (CKDS/PKDS) For a PKA key token transfer the tool retrieves the token from the active PKDS and writes it to a data set (file). For a symmetric key token transfer the tool retrieves the token from the active CKDS and writes it to a data set (file). The data set can then be transmitted to any number of systems. On each system the tool can be used to read the key token from the transmitted file and store it into the active PKDS or CKDS. The tokens are referenced by label. The format of the command is illustrated below: Syntax KEYXFER OPER, LABEL, DSN, OPTION OPER = READ_PKDS reads from the transmitted data set WRITE_PKDS writes to the transmitted data set READ_CKDS reads from the transmitted data set WRITE_CKDS writes to the transmitted data set LABEL = label of PKDS or CKDS record to be retreived/stored DSN = name of data set holding the token OPTION = OVERWRITE a label in the PKDS or CKDS. If OVERWRITE is specified in the option field then an existing label will be overwritten with the token from the transmitted data set. DATA SET: A PS or PDS data set can be used. An LRECL=80 is recommended, but not required The information stored in the KEYXFER data set consists of the following: Date KDS label Length of token Token Notes External key tokens can be received on any ICSF system. If the key token is an internal key token (see ICSF Application Programmers Guide) then it is encrypted under the ICSF master key of the system. Transferring the key token requires that the receiving systems use the same ICSF master key. If ICSF services are RACF protected (CSFSERV) then access will be required by the user for the CSNDKRC, CSNDKRR, and CSNDKRW services for PKDS transfers or CSNBKRC, CSNBKRR and CSNBKRW for CKDS transfers. Samples • Write the key token stored in the active PKDS under the label PKDS.KEY.LABEL to the data set TEMP.MEM KEYXFER WRITE_PKDS, PKDS.KEY.LABEL, TEMP.MEM • Read the key token contained in the data set TEMP.MEM and write the token to the active PKDS under the label PKDS.KEY.LABEL. (If the label already exists in the PKDS the operation will fail.) KEYXFER READ_PKDS, PKDS.KEY.LABEL, TEMP.MEM • Read the key token contained in the data set TEMP.MEM and write the token to the active PKDS under the label PKDS.KEY.LABEL (If the label already exists in the PKDS the token for that label will be overwritten.) KEYXFER READ_PKDS, PKDS.KEY.LABEL, TEMP.MEM, OVERWRITE • Read the key token contained in the data set TEMP.MEM and write the token to the active PKDS. Since no PLABEL was specified the label Contained in the file is used as the label for the token on the new system. KEYXFER READ_PKDS, , TEMP.MEM • Write the key token stored in the active CKDS under the label CKDS.KEY.LABEL to the data set TEMP.MEM KEYXFER WRITE_CKDS, CPKDS.KEY.LABEL, TEMP.MEM ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected]<mailto:[email protected]> with the message: INFO IBM-MAIN Confidentiality notice: This e-mail message, including any attachments, may contain legally privileged and/or confidential information. If you are not the intended recipient(s), or the employee or agent responsible for delivery of this message to the intended recipient(s), you are hereby notified that any dissemination, distribution, or copying of this e-mail message is strictly prohibited. If you have received this message in error, please immediately notify the sender and delete this e-mail message from your computer. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
