You can enable users to log in to the FTP server with password
phrases by assigning password phrases to the user IDs that are used
to log in to the FTP server.
Rules: - Do not assign a character or combination of characters to a password
phrase that your FTP clients cannot support.
- The maximum length of a password phrase is 100 characters.
Tips: - Use alphanumeric characters to create password phrases to minimize
translation problems when the client and server are using different
ASCII code pages.
- If you plan to use the z/OS® FTP
client in batch mode, the password phrase and optional user data must
fit on a single line of the batch file.
Results: - When you assign a password phrase to a user ID, a user can log
in with that user ID by using either the password or the password
phrase.
- A user can change the password phrase when they log in to FTP.
Restrictions: - The password phrase that a user enters to log in to the z/OS FTP server has restrictions
beyond those that are enforced by your security product and those
that are enforced by the optional ICHPWX11 user exit. The password
phrase must not contain the following characters that have special
meaning to the z/OS FTP server:
- NULL (X'00')
- Slash (/)
- Colon (:)
- Carriage return (<cr>)
- Line feed (<lf>)
- Interpret as command (<IAC> or X'FF')
- Telnet command characters (X'FB' - X'FE')
The z/OS FTP server translates
all passwords that it receives during a session into EBCDIC before
it passes them to the security product and to the FTCHKPWD exit routine.
- A user will not be able to log in to the z/OS FTP server using a password phrase if you
assign a character to the password phrase that the server cannot translate
from ASCII or UTF-8 to EBCDIC. The user will also not be able to log
in if you assign a character that the server translates into an EBCDIC
character that is different than the character that you assigned.
Untranslatable characters and inconsistent translations can occur
if the client and server are using different code pages, or if the
character is outside the normal range of printable characters.
- The z/OS FTP server supports
quotation marks in password phrases, but your FTP client might not
support the use of quotation marks in password phrases.
- The password phrase must not contain leading blanks or trailing
blanks.
- The maximum length of a password phrase is 100 characters.
- When you configure the z/OS FTP
server for anonymous FTP, the following restrictions apply:
- You cannot specify a password phrase instead of a password as
an FTP daemon start option.
- You cannot code a password phrase instead of a password on the
ANONYMOUS statement in FTP.DATA.
If the server is configured to prompt anonymous users for a password,
the user can log in with either the password or the password phrase
that is assigned to the anonymous user ID.