Re: Batch SFTP without client keys or USS files?

Fri, 16 Oct 2020 06:17:24 -0700 

On 10/15/2020 8:36 PM, Wendell Lovewell wrote:

Is it possible to code a proc that would invoke SFTP to transfer a file to or 
from a non-z/OS ftp server using only that server's public key and a 
userid/password combination like you would use for FTP or FTPS?



Yes it is possible.  Check out the SSH_ASKPASS and DISPLAY environment 
variables.  Here's a job snippet that should get you going in the right 
direction.


//*********************************************************************

//* Create the ssh_askpass script.  When called, this script echoes 
//* the password to the caller.  It is used for obtaining the password

//* "interactively" when running sftp in the UNIX shell.

//*********************************************************************//ASKPASS 
  EXEC PGM=IEBGENER                                         //SYSPRINT 
DD SYSOUT=*                                               //SYSIN     DD 
DUMMY                                                  //SYSUT2    DD 
PATHOPTS=(OWRONLY,OCREAT,OTRUNC),

//             PATHMODE=SIRWXU,FILEDATA=TEXT,
//             PATH='/tgtWorkDir/Tttttttt/sftp.pw.sh'

//SYSUT1    DD * 
echo 'password'

/*
//*********************************************************************

//* Execute sftp in the UNIX shell. 
//* 
//* Environment variables: 
//*   SSH_ASKPASS -- identifies a script or program that returns the 
//*     password.

//*   DISPLAY -- identifies the X11 server.  Any non-null value
//*     enables the SSH_ASKPASS program to read the password.

//* 
//* sftp options: 
//*   -oBatchMode=no -- batch mode is disabled, thus allowing the 
//*      password to be obtained "interactively". 
//*   -b filename -- identifies the file containing the sftp commands. 
//*   -oStrictHostKeyChecking=no -- allows connection to servers that 
//*      are not identified in the client ~/.ssh/known_hosts file. 
      //*   -oPort -- identifies the port on which the server is listening.
//*********************************************************************//SFTP 
     EXEC PGM=BPXBATCH

//STDENV    DD *
SSH_ASKPASS=/tgtWorkDir/Tttttttt/sftp.pw.sh
DISPLAY=FOOBAR

/* 
//STDPARM   DD * 
SH /bin/sftp

-b /tgtWorkDir/Tttttttt/sftp.cmds
-oBatchMode=no
-oStrictHostKeyChecking=no
-oPort=22use...@source.sftp.host.name
/*
//STDOUT    DD SYSOUT=*
//STDERR    DD SYSOUT=*


I didn't attend but I heard Ed Jaffe in the recent online SHARE 
discussed this very topic in the Bit Bucket session.  I would check out 
his slides if you have access.


Kurt Quackenbush -- IBM, SMP/E Development
Chuck Norris never uses CHECK when he applies PTFs.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN






















					Reply via email to