Rafael Fernandez L. wrote:
Nobody mentioned ftp with GSSAPI (kerberos) ?
Ignacio Landín Villegas
Probably because there is rarely anyone using it.
Furthermore, it was all but unusable for a long time: although the
Kerberos ticket provided the cross-reference with the RACF userid,
support f
Nobody mentioned ftp with GSSAPI (kerberos) ?
Ignacio Landín Villegas
>-Original Message-
>From: IBM Mainframe Discussion List
>[mailto:[EMAIL PROTECTED] On Behalf Of Hal Merritt
>Sent: Tuesday, July 29, 2008 10:39 PM
>To: IBM-MAIN@BAMA.UA.EDU
>Subject: Re: secure ft
for other things, like telnet, web service,
etc, right?
My head hurts :-)
-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Walt Farrell
Sent: Tuesday, July 29, 2008 2:13 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: secure ftp on the mainframe
Its all a little confusing...
SSH is a tool/protocol for providing a secure connection over IP networks.
Once you have a connection, you can have multiple "channels" routed over
it. Channels could be interactive terminal sessions (to replace telnet),
port-forwarding channels, command redirection
On Tue, 29 Jul 2008 11:22:16 -0500, Hal Merritt <[EMAIL PROTECTED]> wrote:
>I was referring to the sftp that Walt mentioned. My take was that it was
>neither TLS nor SSH.
>
>"SFTP is not FTP at all. It is a secure, FTP-like communication
>protocol."
Perhaps you didn't see the next sentence of th
obert
Sent: Tuesday, July 29, 2008 10:34 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: secure ftp on the mainframe
http://www-03.ibm.com/servers/eserver/zseries/zos/unix/pdf/docs/fotza105
.pdf
..snip
NOTICE: This electronic mail message and any files transmitted with it are
intended
exclusive
"sftp" usually refers to the file transfer protocol that works as an
ssh subsystem (although some use the term to refer to FTP/TLS).
In the OpenSSH implementation, sftp and sftp-server are separate
binaries that are shipped as part of OpenSSH.
The sources for sftp and sftp-server are available fro
July 29, 2008 10:27 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: secure ftp on the mainframe
Do you have any links to SFTP sources? Google search results were
confusing and ambiguous.
-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Walt Farrell
Sen
> -Original Message-
> From: IBM Mainframe Discussion List
> [mailto:[EMAIL PROTECTED] On Behalf Of Hal Merritt
> Sent: Tuesday, July 29, 2008 10:27 AM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: secure ftp on the mainframe
>
> Do you have any links to SFTP source
Do you have any links to SFTP sources? Google search results were
confusing and ambiguous.
-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Walt Farrell
Sent: Thursday, July 24, 2008 11:04 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: secure ftp
On Thu, 24 Jul 2008 08:00:55 -0700, Kurt Eastwood <[EMAIL PROTECTED]> wrote:
>Is SFTP really a 'secure ftp'?
SFTP is not FTP at all. It is a secure, FTP-like communication protocol.
(SFTP here, is a function provided by the ssh protocols.) I'm not sure
anyone has really stated that in this thr
On Thu, 24 Jul 2008 17:05:40 +0200, R.S. <[EMAIL PROTECTED]> wrote:
>It can be sftp - AFAIK ftp over SSH. It is available on z/OS as free and
>unsupported tool. AFAIK it supports HFS files only (I mean anu Unix
>file, regardless of filesystem type: ZFS, HFS,e tc.)
>I vaguely remain some other type
[mailto:[EMAIL PROTECTED] On Behalf
Of McKown, John
Sent: Thursday, July 24, 2008 5:49 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: secure ftp on the mainframe
> -Original Message-
> From: IBM Mainframe Discussion List
> [mailto:[EMAIL PROTECTED] On Behalf Of Hal Merritt
> Sent: Thurs
> -Original Message-
> From: IBM Mainframe Discussion List
> [mailto:[EMAIL PROTECTED] On Behalf Of Hal Merritt
> Sent: Thursday, July 24, 2008 10:47 AM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: secure ftp on the mainframe
>
[snip]
>
> SSH is very popul
As another posted, 'sftp' is not a unique enough name. There is a 'speedy' FTP
that uses a propriety protocol, for example.
The short answer to your question is that there are several 'flavors' of data
encryption offered on z/os. The two main types are TLS (transport layer
security, formally k
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Kurt Eastwood
>
> Hello,
>
> First off let me say I am not an FTP expert.
>
> We currently use FTP on the mainframe to send files to
> various sites. We also use SFTP on the UNIX boxes to send
> files to various
We run FTP with SSL and FTP with SSH. FTP/SSL is part of TCPIP, while sftp
(FTP/SSH) is part of IBM Ported Tools (free for the download). We run both
from batch procedure. We have RACF control the certificates and keyrings for
FTP/SSL. Then you use the SYSFTPD DD statement to tell FTP if SSL
Kurt Eastwood wrote:
Hello,
First off let me say I am not an FTP expert.
We currently use FTP on the mainframe to send files to various sites. We also use SFTP on the UNIX boxes to send files to various sites. I am looking for any information or help on using SFTP, which I understand to be 's
lf Of Richard Pinion
Sent: Thursday, May 26, 2005 11:42 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Secure FTP on the Mainframe
Nothing wrong with using RACF for the CERT stuff but you can generate
CERTS from OMVS using gskkyman. Maybe it is better to learn to crawl
first rather than trying t
Re: Secure FTP on the Mainframe
Hi,
I followed Share Session 3925 to set up my ftp server on one z/OS v1.4 LPAR
(CDCU). I then exported the certificate to another LPAR (CDCT) and imported
the certificated into its key data base.
When trying ftp from the second lpar to the first I get the
I believe the software looks for the key database password
in the "stash" file. When I ran into this recently, I was using
gskkyman to manage my key file, and there's an option in gskkyman
"10 - Store database password" to create the "stash" file.
Once I did that, the TLS handshake moved on to
Howard Rifkind wrote:
Ulrich,
Can sFTP and FTP reside within the same z/OS partition and be used at the same time?
For instance, one person is FPT'ing a secure document using sFTP and another is using just plain old FTP for something else
You could use three different kinds of file transf
2
Where would the key database password be supplied?
Thanks,
Craig
-Original Message-----
Subject: Re: Secure FTP on the Mainframe
> We would like to install Secure FTP in our maiframes TCP/IP configuration
and I have no idea how to do this.
>
> Would some one be kind eno
Yes, I believe each has its own port assignments.
Thanks,
Ray Baraniecki
Technical Consultant
Morgan Stanley IIG
75 Varick Street
New York, NY 10013
917-237-7066
Important Notice to Recipients
It is important that you do not use e-mail to request, authorize or effect the
purchase or
Ulrich,
Can sFTP and FTP reside within the same z/OS partition and be used at the same
time?
For instance, one person is FPT'ing a secure document using sFTP and another is
using just plain old FTP for something else
Ulrich Boche <[EMAIL PROTECTED]> wrote:
Howard Rifkind wrote:
> We would l
Howard Rifkind wrote>.
Howard Rifkind <[EMAIL PROTECTED]> wrote:We would like to install
Secure FTP in our maiframes TCP/IP configuration and I have no idea how
to do this.
Would some one be kind enough to point me in the right direction where
to start and what manuals to check
I think this would really help you to get going with what you want -->
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/F1A1B340/2.3.10?SHELF=F1A1BK50&DT=20040609153838
Please have a look into the following REDBOOK (lists the key ring set up):
SG24-6840-00 "Communications Server for
: Re: Secure FTP on the Mainframe
[EMAIL PROTECTED] wrote:
> There must be something in the air or water, or maybe you have a spy
here.
> I was just asked the same thing.
>
> I tried to get a 3270 emulator to support SSL/TLS but was told by our
> manager that SSL had nothing to do
Howard Rifkind wrote:
We would like to install Secure FTP in our maiframes TCP/IP configuration and I
have no idea how to do this.
Would some one be kind enough to point me in the right direction where to start and what manuals to check out, and what to be aware of.
I'm not really prime tim
[EMAIL PROTECTED] wrote:
There must be something in the air or water, or maybe you have a spy here.
I was just asked the same thing.
I tried to get a 3270 emulator to support SSL/TLS but was told by our
manager that SSL had nothing to do with encryption so forget it.
Anyway, I'm in the process
I can't remember what I had to do to activate gskkyman. Oh yes, I had to add
GSK.SGSKLOAD
to PROG00 for APF and LNKLIST. Run gskkyman from TSO/OMVS. Once I had done
the z/OS setup
as below I had to work with the network guys to punch a hole thru our firewall
to allow FTP SSL.
Here are the pa
I've just recently done both secure FTP and TN3270 in z/OS 1.4
I used the redbook volume 7. I found gskkyman just as confusing as RACF, so
I used RACF :)
I also need to thank Sam for pointing out Filezilla, which is a good
FTP client and supports TLS
One recomendation I would make is to
Richard, would you be good enough to send me over the parms you are talking
about below. That would give me a good head start. Thanks.
Richard Pinion <[EMAIL PROTECTED]> wrote:Would you be interested in using FTP
with SSL/TLS support? If so, it is already installed. You need some parms and
co
Nothing wrong with using RACF for the CERT stuff but you can generate CERTS
from OMVS using gskkyman. Maybe it is better to learn to crawl first rather
than trying to run.
>>> [EMAIL PROTECTED] 05/26/05 12:32PM >>>
And here is the cross posing from the RACF list as promised:
QUOTE:
This is a f
And here is the cross posing from the RACF list as promised:
QUOTE:
This is a foil that I presented in SHARE and Vanguard. People think this
helps them to clear things out. Would it help you?
Given:
? CA1 is the CA cert which signed the server cert S
? CA2 is the CA cert which signe
The manuals are confusing as they seem to be focused on Websphere and
assume that is what you want to do. So far, I have achieved a secure
transfer, or at least so say the messages. I created the CA cert on one
system, then exported/imported it to another. Both systems are z/os 1.4
but do not share
There must be something in the air or water, or maybe you have a spy here.
I was just asked the same thing.
I tried to get a 3270 emulator to support SSL/TLS but was told by our
manager that SSL had nothing to do with encryption so forget it.
Anyway, I'm in the process of trying to install the IC
Would you be interested in using FTP with SSL/TLS support? If so, it is
already installed. You need some parms and commands which I or other users of
ibm-main can provide.
>>> [EMAIL PROTECTED] 05/26/05 10:21AM >>>
We would like to install Secure FTP in our maiframes TCP/IP configuration and
38 matches
Mail list logo