Check MDI product at luminex.com for fast and secure SFTP or FTP Carlos Bodra IBM System Certified System z São Paulo - Brazil
-----Mensagem original----- De: IBM Mainframe Discussion List [mailto:[email protected]] Em nome de venkat kulkarni Enviada em: domingo, 29 de janeiro de 2017 14:38 Para: [email protected] Assunto: SFTP on z/OS Hello Group, We tested SFTP on our test z/OS system to Test AIX box and we are able to transfer data between these host. But now, I am trying in production system with below detail. 1) Our aim is to convert all our FTP jobs into SFTP. 2) We are using $universe as scheduler for submitting these FTP jobs on time to time. 3) We using user called "STCSYS" all these jobs. 4) But in FTP jobs, for every other host ( Ex AIX1, AIX2,AIX3 etc) we are using different user id password to login to target host and then start FTP process. 5) But in SFTP, it create TSO env using IKJEFT01 program and then run SFTP commands to transfer files between systems. Example of SFTP Job, we using //SFTPSFT JOB (7330),MSGCLASS=X,MSGLEVEL=(1,1),CLASS=P, // NOTIFY=&SYSUID //STEP1 EXEC PGM=IKJEFT01,REGION=0M //SYSEXEC DD DISP=SHR,DSN=SYS1.SBPXEXEC //SYSTSIN DD DSN=SFTPSFT.TEST.JCL(FTPTST1),DISP=SHR //OUTPUT DD SYSOUT=* //SYSTSPRT DD SYSOUT=* /* EDIT SFTPSFT.TEST.JCL(FTPTST1) - 01.02 Command ===> ****** ***************************** Top of Data **** 000800 OPUT 'SFTPSFT.SFTP.TEST(SFTP1)' '/u/SFTPSFT/vp12' 000900 OSHELL { echo 'lcd /u/stcsys' ; + 001000 echo 'ascii'; + 001100 echo 'cd /home/ftp4rpt/'; + 001200 echo 'mput test.txt'; } | + 001300 sftp -v [email protected] 001400 /* So, now I have stcsys user id created on mainframe with all # cd .ssh # ls -al total 96 drwx------ 2 MEAS OMVSGRP 8192 Jan 24 08:23 . drwxr-xr-x 3 MEAS OMVSGRP 8192 Jan 24 08:22 .. -rw------- 1 MEAS OMVSGRP 791 Jan 24 08:36 authorized_keys -rw------- 1 MEAS OMVSGRP 1675 Jan 24 08:23 id_rsa -rw-r--r-- 1 MEAS OMVSGRP 396 Jan 24 08:25 id_rsa.pub -rw-r--r-- 1 MEAS OMVSGRP 697 Jan 29 10:26 known_hosts # pwd /u/stcsys/.ssh and in AIX1 side, I have ftprpt user defined and $ cd /home/ftprpt /.ssh $ ls -al total 48 drwx------ 2 ftprpt staff 256 Jan 13 15:37 . drwxr-xr-x 3 ftprpt staff 4096 Jan 15 12:15 .. -rw-r--r-- 1 ftprpt staff 791 Jan 15 12:12 authorized_keys -rw-r--r-- 1 ftprpt staff 395 Jan 13 15:37 authorized_keys.old -rw------- 1 ftprpt staff 1675 Dec 11 14:25 id_rsa -rw-r--r-- 1 ftprpt staff 394 Dec 11 14:25 id_rsa.pub -rw-r--r-- 1 ftprpt staff 352 Jan 15 10:31 known_hosts $ and we exchanged rsa.pub key in authorized_keys file and exchanged ECDSA.pub key in known_hosts file but while running Job, I am getting below issue. OpenSSH_6.4, OpenSSL 1.0.1c 10 May 2012 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Reading configuration data /etc/ssh/zos_ssh_config debug1: zsshSmfSetConnSmfStatus: SMF status is 0 debug1: Connecting to 10.22.22.220 Ý10.22.22.220¨ port 22. debug1: Connection established. debug1: cipher_init: none from source OpenSSL debug1: cipher_init: none from source OpenSSL debug1: permanently_set_uid: 0/1000 debug1: identity file /u/stcsys/.ssh/id_rsa type 1 debug1: identity file /u/stcsys/.ssh/id_rsa-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.4 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0 debug1: match: OpenSSH_6.0 pat OpenSSH* FOTS1061 key_read: uudecode AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbm lzdHAyNTYAAAB failed debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: mac_setup_by_alg: hmac-sha1 from source OpenSSL debug1: kex: server->client aes128-ctr hmac-sha1 none debug1: mac_setup_by_alg: hmac-sha1 from source OpenSSL debug1: kex: client->server aes128-ctr hmac-sha1 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA ce:14:d1:2f:b2:d1:7c:83:12:9a:16:1e:31:9d:b6:b7 FOTS1061 key_read: uudecode AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbm lzdHAyNTYAAAB failed debug1: read_passphrase: can't open /dev/tty: EDC5128I No such device. (errno2=0 FOTS1370 Host key verification failed. debug1: zsshSmfSetConnSmfStatus: SMF status is 0 FOTS0841 Connection closed Can you please help, if I am not following correct way on this new setup or I should be using same userid on both mainframe and aix side for exchanging keys with password less. Thanks in advance. Thanks & Regards Venkat ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
