Is z/OS Encryption Facility different from ICSF ? A link to the app prog guide here : http://publib.boulder.ibm.com/infocenter/zos/v1r10/topic/com.ibm.zos.r10.csfb400/toc.htm
N 2011/4/5 Kirk Wolf <k...@dovetail.com> > Thanks for the kind plug John > > A few comments - > > - With IBM Ported Tools OpenSSH, you can put your SSH keys in a SAF / > RACF Keyring, which is much better than having them in a file > (regardless of the protection of that file). > > - Co:Z Launcher and Co:Z SFTP definitely work with Windows using the > free OpenSSH server available through cygwin. > > - With our new "OpenSSH Accelerator for z/OS, you can exploit CPACF on > z/OS for SSH encryption. Also, with Co:Z Launcher you can disable > encryption of data connections which is even faster/cheaper and a > killer solution if the partner machines are on a secure network, > hipersocket, zBX IEDN, etc. > > (see: http://dovetail.com/webinars.html for slides and a recording > of a recent webinar) > > Either Co:Z Launcher or Co:Z SFTP use z/OS OpenSSH - the choice > depends on whether you want simple file transfer or more cooperative > processing. > > For a quick comparison of z/OS SFTP with FTP/S that focuses on crypto > hardware exploitation, see slide 14 in the webinar: > http://dovetail.com/docs/oshxl/openssh-accelerator-webinar.pdf > > Kirk Wolf > Dovetailed Technologies > http://dovetail.com > > > 2011/4/5 McKown, John <john.mck...@healthmarkets.com>: > > Why encrypt and decrypt? Does it need to be on Linux in encrypted form? > If not, and if it were me, I'd use Dovetailed Technologies' Co:Z dspipes > utilities and simply transfer the files over an SSH tunnel. Using Co:Z, it > is easy. And the product is free to download. It contains some Linux > programs as well as z/OS programs. Go here: > http://dovetail.com/products/dspipes.html > > > > What is nice is that Co:Z can transfer the data from/to z/OS over an SSH > tunnel and do code conversion at the same time! And it does it to/from z/OS > legacy datasets or z/OS UNIX files. Excellent product. Totally cost free! > Support does cost. But they host a no cost support forum for informal > support. > > > > Example JCL: > > > > //PROCLIB JCLLIB ORDER=SYS1.COZ.SAMPJCL > > //EX1 EXEC PROC=COZPROC, > > // ARGS='linux-user@linux-server' > > //STDIN DD * > > fromdsn '//DD:INPUT ' >linux.file > > //INPUT DD DISP=SHR,DSN=MY.INPUT.PS.FILE > > // > > > > Now one thing you may notices is that I didn't include any kind of > password or passphrase. That's because on my z/OS system, I have the ssh key > for the linux system user, and that ssh key does not have a passphrase (null > passphrase). This is not the best idea, but I'm lazy. The documentation on > Co:Z shows how to use an ssh key which has a passphrase. > > > > I know this doesn't answer your question. But I'm hoping that maybe it is > a possible solution to your need - securely transferring data from z/OS to > Linux. You also mentioned Windows. I think this will work if you install an > SSH server on your Windows server. Perhaps Cygwin's would do - it is free > for the download. > > > > -- > > John McKown > > Systems Engineer IV > > IT > > > > Administrative Services Group > > > > HealthMarketsR > > > > 9151 Boulevard 26 . N. Richland Hills . TX 76010 > > (817) 255-3225 phone . > > john.mck...@healthmarkets.com . www.HealthMarkets.com > > > > Confidentiality Notice: This e-mail message may contain confidential or > proprietary information. If you are not the intended recipient, please > contact the sender by reply e-mail and destroy all copies of the original > message. HealthMarketsR is the brand name for products underwritten and > issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake > Life Insurance CompanyR, Mid-West National Life Insurance Company of > TennesseeSM and The MEGA Life and Health Insurance Company.SM > > > > > > > >> -----Original Message----- > >> From: IBM Mainframe Discussion List > >> [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of R.S. > >> Sent: Tuesday, April 05, 2011 8:31 AM > >> To: IBM-MAIN@bama.ua.edu > >> Subject: Encryption, compression, etc. > >> > >> I'm looking for some solution for file exchange between z/OS and > >> Windows/Linux platform. > >> > >> The only requirement is to encrypt the file (PS dataset) on z/OS side > >> and decrypt it on distributed side and vice versa. > >> > >> Nice to have: > >> - hash calculation > >> - compression > >> - exploitation of CPACF or CryptoExpress or zIIP hardware (to reduce > >> cost of CPU) > >> > >> Any clues and suggestions including both home-grown (DIY) > >> solutions and > >> commercial products are welcome. > >> > >> -- > >> Radoslaw Skorupka > >> Lodz, Poland > >> > >> > >> P.S. If one feels uncomfortable with "advertising" commercial > >> products, > >> please write to me directly. > >> > >> > >> -- > >> Treść tej wiadomości może zawierać informacje prawnie > >> chronione Banku przeznaczone wyłącznie do użytku służbowego > >> adresata. Odbiorcą może być jedynie jej adresat z wyłączeniem > >> dostępu osób trzecich. Jeżeli nie jesteś adresatem niniejszej > >> wiadomości lub pracownikiem upoważnionym do jej przekazania > >> adresatowi, informujemy, że jej rozpowszechnianie, > >> kopiowanie, rozprowadzanie lub inne działanie o podobnym > >> charakterze jest prawnie zabronione i może być karalne. > >> Jeżeli otrzymałeś tę wiadomość omyłkowo, prosimy niezwłocznie > >> zawiadomić nadawcę wysyłając odpowiedź oraz trwale usunąć tę > >> wiadomość włączając w to wszelkie jej kopie wydrukowane lub > >> zapisane na dysku. > >> > >> This e-mail may contain legally privileged information of the > >> Bank and is intended solely for business use of the > >> addressee. This e-mail may only be received by the addressee > >> and may not be disclosed to any third parties. If you are not > >> the intended addressee of this e-mail or the employee > >> authorised to forward it to the addressee, be advised that > >> any dissemination, copying, distribution or any other similar > >> activity is legally prohibited and may be punishable. If you > >> received this e-mail by mistake please advise the sender > >> immediately by using the reply facility in your e-mail > >> software and delete permanently this e-mail including any > >> copies of it either printed or saved to hard drive. > >> > >> BRE Bank SA, 00-950 Warszawa, ul. Senatorska 18, tel. +48 > >> (22) 829 00 00, fax +48 (22) 829 00 33, e-mail: i...@brebank.pl > >> Sąd Rejonowy dla m. st. Warszawy XII Wydział Gospodarczy > >> Krajowego Rejestru Sądowego, nr rejestru przedsiębiorców KRS > >> 0000025237, NIP: 526-021-50-88. > >> Według stanu na dzień 01.01.2011 r. kapitał zakładowy BRE > >> Banku SA (w całości wpłacony) wynosi 168.346.696 złotych. > >> > >> ---------------------------------------------------------------------- > >> For IBM-MAIN subscribe / signoff / archive access instructions, > >> send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO > >> Search the archives at http://bama.ua.edu/archives/ibm-main.html > >> > >> > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO > > Search the archives at http://bama.ua.edu/archives/ibm-main.html > > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO > Search the archives at http://bama.ua.edu/archives/ibm-main.html > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html