1. What are the possible solutions for a Secured / Managed File Transfer to and fro iSeries environments?
2. Have any of you tried using OpenSSH in iSeries / Windows combination. With both systems having the capacity to act as a server and client.Meaning sometimes iSeries "GETs" and "PUTs" sometimes. This is becuase as opposed to FTP which is a protocol SFTP is just a command which is available as a part of SSH implementations. SFTP is merely "PUT" only
So can we say using plain FTP is a SoX voilation?
Re: FTP and SoX Compliance2009-08-03T17:23:35ZThis is the accepted answer. This is the accepted answer.
I use SFTP with both PUT and GET. I'm confused why you say it's "put only".
I've never heard that FTP is a SOX violation. It can certainly be a security violation, but VPNs can be used to secure it, and depending on the data that's made available via FTP, that might not even matter to you.
But if a more secure alternative is desired, SFTP seems like an easy choice. What is your concern about it?
Prithiviraj 270001CEBX60 Posts
Re: FTP and SoX Compliance2009-08-10T07:02:08ZThis is the accepted answer. This is the accepted answer.
- scott_klement 2700007QFX
Please let me know Is there a step by step guide for implementing SFTP? ISeries is going to be the Server and windows would be a client.
Thanks for your help
Re: FTP and SoX Compliance2009-08-10T17:33:30ZThis is the accepted answer. This is the accepted answer.
- Prithiviraj 270001CEBX
The following page has links to articles and other documentation about using OpenSSH on i:
Re: FTP and SoX Compliance2012-03-02T20:59:01ZThis is the accepted answer. This is the accepted answer.
- FPLAZAVI 2700050KYD
On IBM i, code to read/handle that internal structure is built-in to the operating system at a very low level, so ordinary programs don't have to call special APIs to read it, they can just open and read them as if they were "just regular files." No other platform on earth (that I'm aware of, anyway) has that feature.
SFTP is a Unix program. It's designed, and even compiled, for Unix. It doesn't understand the peculiarities of IBM i. Therefore, I wouldn't recommend using it on a PF directly. It might be possible to get it to work (since the IFS interface does have some rudimentary capability to understand physical files) but it certainly wouldn't be "natural."
Instead, if you want to send a physical file's data (just the data portion):
1) If it's an externally-defined PF with well-defined fields, extract it to an "import file" (a stream file) using the CPYTOIMPF command.
2) If it's a "flat file" (no well-defined fields) use CPYTOSTMF instead.
3) Use sftp or scp to transfer it.
4) on the remote side, convert it back to the PF using CPYFRMSTMF or CPYFRMIMPF.
If you want to duplicate the entire file (not just the data, but all the object description information as well):
1) Save the file to a SAVF with the SAVOBJ command.
2) Use CPYTOSTMF to copy the SAVF to a stream file
3) Use sftp/scp to transfer it
4) Use CPYFRMSTMF to put the data back into a SAVF object
5) Use RSTOBJ to restore the file with all it's properties intact.