Roger, The FOTS1373 message is being emitted from Ported Tools OpenSSH. Are you able to connect a basic SSH session to the target system with that z/OS user?
Because the Ported Tools SSH client can't be run under OMVS, The best way to test this is to use a generic ssh client to connect to z/OS (like PuTTY), then from the Unix System Services command prompt issue: "ssh x...@some.host.name". If you're prompted for a password, there's an issue with your key setup. The most common error is a bad file/directory permission: - Your $HOME directory must not be group writable - $HOME/.ssh should be rwx for the user and not accessible by others - Your private key (e.g. $HOME/.ssh/id_rsa) must be readable for the user only - You don't have have your public key properly available in your $HOME/xyz/.ssh/authorized_keys file on some.host.name. The most common problem here is that the public key was transferred from z/OS without translation. If you can connect without a password prompt, you're using the keypair and the problem is probably somewhere in the Co:Z SFTP script setup. If this is the case, let me know and I'll give you some trace settings to run with so we can take a look. --Steve Dovetailed Technologies www.dovetail.com On Mon, May 13, 2013 at 1:11 AM, Roger Lowe <roger_l...@bigpond.com> wrote: > Hi Listers, > We are trying to use Co: z SFTP in batch with > Public/Private key authentication and not having much success. > > JCL that we are using: > > //SFTPCAT EXEC PROC=SFTPPROC > //SFTPIN DD * > user=xyz > host=some.host.name > lzopts="mode=text" > ldsn="//DD:MYDD" > rpat=/u/abc/sftp.txt > > . $script_dir/sftp_cat.sh > /* > //MYDD DD DSN=UID.SFTPCAT.DATA,DISP=(,CATLG),UNIT=SYSDA, > // DCB=(LRECL=80,RECFM=FB),SPACE=(CYL,(3,1)) > > (some fields have been changed to protect the innocent) > . > When we run the job, it produces the following error message - > "FOTS1373 Permission denied (publickey,password)." > . > Have read the documentation and it is still not clear as to what we need > to do to make use of private/public key authentication > . > Any ideas? > . > Thanks, Roger > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
