On 10/16/2020 9:16 AM, Kurt Quackenbush wrote:
On 10/15/2020 8:36 PM, Wendell Lovewell wrote:
Is it possible to code a proc that would invoke SFTP to transfer a
file to or from a non-z/OS ftp server using only that server's public
key and a userid/password combination like you would use for FTP or FTPS?
Yes it is possible. Check out the SSH_ASKPASS and DISPLAY environment
variables. Here's a job snippet that should get you going in the right
direction.
Argh! Sorry about the wrap. Let me try again:
//*********************************************************************
//* Create the ssh_askpass script. When called, this script echoes//*
the password to the caller. It is used for obtaining the password
//* "interactively" when running sftp in the UNIX
shell//*********************************************************************
//ASKPASS EXEC PGM=IEBGENER
//SYSPRINT DD SYSOUT=*
//SYSIN DD DUMMY
//SYSUT2 DD PATHOPTS=(OWRONLY,OCREAT,OTRUNC),
// PATHMODE=SIRWXU,FILEDATA=TEXT,
// PATH='/tgtWorkDir/Tttttttt/sftp.pw.sh'
//SYSUT1 DD * echo 'password'
/*
//*********************************************************************
//* Execute sftp in the UNIX shell.
//*
//* Environment variables:
//* SSH_ASKPASS -- identifies a script or program that returns the
//* password.
//* DISPLAY -- identifies the X11 server. Any non-null value
//* enables the SSH_ASKPASS program to read the password.
//*
//* sftp options:
//* -oBatchMode=no -- batch mode is disabled, thus allowing the
//* password to be obtained "interactively".
//* -b filename -- identifies the file containing the sftp commands.
//* -oStrictHostKeyChecking=no -- allows connection to servers that
//* are not identified in the client ~/.ssh/known_hosts file.
//* -oPort -- identifies the port on which the server is listening.
//*********************************************************************
//SFTP EXEC PGM=BPXBATCH
//STDENV DD *
SSH_ASKPASS=/tgtWorkDir/Tttttttt/sftp.pw.sh
DISPLAY=FOOBAR
/*
//STDPARM DD * SH /bin/sftp
-b /tgtWorkDir/Tttttttt/sftp.cmds
-oBatchMode=no
-oStrictHostKeyChecking=no
-oPort=22use...@source.sftp.host.name
/*
//STDOUT DD SYSOUT=*
//STDERR DD SYSOUT=*
I didn't attend but I heard Ed Jaffe in the recent online SHARE
discussed this very topic in the Bit Bucket session. I would check out
his slides if you have access.
Kurt Quackenbush -- IBM, SMP/E Development
Chuck Norris never uses CHECK when he applies PTFs.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN