On 10/15/2020 8:36 PM, Wendell Lovewell wrote:
Is it possible to code a proc that would invoke SFTP to transfer a file to or
from a non-z/OS ftp server using only that server's public key and a
userid/password combination like you would use for FTP or FTPS?
Yes it is possible. Check out the SSH_ASKPASS and DISPLAY environment
variables. Here's a job snippet that should get you going in the right
direction.
//*********************************************************************
//* Create the ssh_askpass script. When called, this script echoes
//* the password to the caller. It is used for obtaining the password
//* "interactively" when running sftp in the UNIX shell.
//*********************************************************************//ASKPASS
EXEC PGM=IEBGENER //SYSPRINT
DD SYSOUT=* //SYSIN DD
DUMMY //SYSUT2 DD
PATHOPTS=(OWRONLY,OCREAT,OTRUNC),
// PATHMODE=SIRWXU,FILEDATA=TEXT,
// PATH='/tgtWorkDir/Tttttttt/sftp.pw.sh'
//SYSUT1 DD *
echo 'password'
/*
//*********************************************************************
//* Execute sftp in the UNIX shell.
//*
//* Environment variables:
//* SSH_ASKPASS -- identifies a script or program that returns the
//* password.
//* DISPLAY -- identifies the X11 server. Any non-null value
//* enables the SSH_ASKPASS program to read the password.
//*
//* sftp options:
//* -oBatchMode=no -- batch mode is disabled, thus allowing the
//* password to be obtained "interactively".
//* -b filename -- identifies the file containing the sftp commands.
//* -oStrictHostKeyChecking=no -- allows connection to servers that
//* are not identified in the client ~/.ssh/known_hosts file.
//* -oPort -- identifies the port on which the server is listening.
//*********************************************************************//SFTP
EXEC PGM=BPXBATCH
//STDENV DD *
SSH_ASKPASS=/tgtWorkDir/Tttttttt/sftp.pw.sh
DISPLAY=FOOBAR
/*
//STDPARM DD *
SH /bin/sftp
-b /tgtWorkDir/Tttttttt/sftp.cmds
-oBatchMode=no
-oStrictHostKeyChecking=no
-oPort=22use...@source.sftp.host.name
/*
//STDOUT DD SYSOUT=*
//STDERR DD SYSOUT=*
I didn't attend but I heard Ed Jaffe in the recent online SHARE
discussed this very topic in the Bit Bucket session. I would check out
his slides if you have access.
Kurt Quackenbush -- IBM, SMP/E Development
Chuck Norris never uses CHECK when he applies PTFs.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN