If you don't have CryptoExpress processors, but do have CPAF enabled on
your processor/LPAR, you still might need ICSF active. I don't know off
hand if ssh will directly use the CPAF facilities without ICSF being
available.
Mark Jacobs
scott Ford <mailto:idfli...@gmail.com>
February 4, 2017 at 4:15 PM
Guys:
I have a SSH question, we dont have a ICSF , do i need one to do SSH ? We
want to do scp from Windows to
z/OS . I want stepping thru the ICSF stc doc and read about 'head
'dev/random' and its not working returning an error
Scott
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Please be alert for any emails that may ask you for login information
or directs you to login via a link. If you believe this message is a
phish or aren't sure whether this message is trustworthy, please send
the original message as an attachment to 'phish...@timeinc.com'.
Kirk Wolf <mailto:k...@dovetail.com>
February 3, 2017 at 8:58 AM
Standard SSH/SFTP doesn't support X.509 certificate's for authentication,
so I don't understand your reference to a CA.
(z/OS OpenSSH does allow you to put SSH public and private keys in a Key
Ring Certificate, but only the keys are used; the certificate and its
signature are irrelevant.)
Kirk Wolf
Dovetailed Technologies
http://dovetail.com
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Please be alert for any emails that may ask you for login information
or directs you to login via a link. If you believe this message is a
phish or aren't sure whether this message is trustworthy, please send
the original message as an attachment to 'phish...@timeinc.com'.
Jantje. <mailto:jan.moeyers...@gfi.be>
February 3, 2017 at 6:48 AM
The issue I have with that is one of trust: In the end, I just have to
trust whatever the Root Certification Authority is. Or actually, I
have to trust Microsoft to have correctly verified the identity of
that RCA and the integrity of the certificate they present, because it
is MS that installed that certificate in my browser. (s/MS/Google/g
for Chrome...)
Cheers,
Jantje.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Please be alert for any emails that may ask you for login information
or directs you to login via a link. If you believe this message is a
phish or aren't sure whether this message is trustworthy, please send
the original message as an attachment to 'phish...@timeinc.com'.
--
Mark Jacobs
Time Customer Service
Global Technology Services
The standard you walk past is the standard you accept.
Lt. Gen. David Morrison
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN