1. What are the possible solutions for a Secured / Managed File Transfer to and fro iSeries environments?
2. Have any of you tried using OpenSSH in iSeries / Windows combination. With both systems having the capacity to act as a server and client.Meaning sometimes iSeries "GETs" and "PUTs" sometimes. This is becuase as opposed to FTP which is a protocol SFTP is just a command which is available as a part of SSH implementations. SFTP is merely "PUT" only
So can we say using plain FTP is a SoX voilation?
NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
This topic has been locked.
7 replies Latest Post - 2012-03-05T10:27:31Z by FPLAZAVI
Pinned topic FTP and SoX Compliance
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2012-03-05T10:27:31Z at 2012-03-05T10:27:31Z by FPLAZAVI
Re: FTP and SoX Compliance2009-08-03T17:23:35Z in response to Prithiviraj
I use SFTP with both PUT and GET. I'm confused why you say it's "put only".
I've never heard that FTP is a SOX violation. It can certainly be a security violation, but VPNs can be used to secure it, and depending on the data that's made available via FTP, that might not even matter to you.
But if a more secure alternative is desired, SFTP seems like an easy choice. What is your concern about it?
Prithiviraj 270001CEBX60 Posts
Re: FTP and SoX Compliance2012-03-02T20:59:01Z in response to FPLAZAVIPhysical files are a peculiarity of IBM i. They are a sort of file that really doesn't exist anywhere else, at least not in exactly the same way. I guess database tables in database software is pretty close -- but, in any other environment besides IBM i, you can't read a database table unless you go through the database management software. Only that software understands the complex internal structure of the database.
On IBM i, code to read/handle that internal structure is built-in to the operating system at a very low level, so ordinary programs don't have to call special APIs to read it, they can just open and read them as if they were "just regular files." No other platform on earth (that I'm aware of, anyway) has that feature.
SFTP is a Unix program. It's designed, and even compiled, for Unix. It doesn't understand the peculiarities of IBM i. Therefore, I wouldn't recommend using it on a PF directly. It might be possible to get it to work (since the IFS interface does have some rudimentary capability to understand physical files) but it certainly wouldn't be "natural."
Instead, if you want to send a physical file's data (just the data portion):
1) If it's an externally-defined PF with well-defined fields, extract it to an "import file" (a stream file) using the CPYTOIMPF command.
2) If it's a "flat file" (no well-defined fields) use CPYTOSTMF instead.
3) Use sftp or scp to transfer it.
4) on the remote side, convert it back to the PF using CPYFRMSTMF or CPYFRMIMPF.
If you want to duplicate the entire file (not just the data, but all the object description information as well):
1) Save the file to a SAVF with the SAVOBJ command.
2) Use CPYTOSTMF to copy the SAVF to a stream file
3) Use sftp/scp to transfer it
4) Use CPYFRMSTMF to put the data back into a SAVF object
5) Use RSTOBJ to restore the file with all it's properties intact.