In z/OS® V1R13 Communications
Server, you can use password phrases when you log in to the z/OS FTP server. The password phrase
is passed to the FTPCHKPWD exit routine if that user exit is installed.
You can also specify a password phrase instead of a password
when you use the z/OS FTP client
subcommands User and PAss.
Restrictions: - RACF® enforces a basic set
of syntax rules to establish strength in password phrases. These syntax
rules apply to all password phrases; you cannot alter or avoid them.
However, you can add password phrase syntax rules to impose additional
restrictions when your installation tailors the new password phrase
exit (ICHPWX11).
- The password phrase that you use to log in to the z/OS FTP server has additional restrictions.
The password phrase must not contain the following characters that
have special meaning to the z/OS FTP
server:
- NULL (X'00')
- slash (/)
- colon (:)
- carriage return (<cr>)
- line feed (<lf>)
- interpret as command (<IAC>) or X'FF')
- Telnet command characters (X'FB' - X'FE')
- The password phrase must not contain leading blanks or trailing
blanks.
- The maximum length of a password phrase is 100 characters.
- When you configure the z/OS FTP
server for anonymous FTP, the following rules apply:
- Do not specify a password phrase instead of a password as an FTP
daemon start option.
- Do not code a password phrase instead of a password on the ANONYMOUS
statement in the FTP.DATA data set.
Dependency: To use this
support, your security product must be SAF-compliant and it must support
the use of password phrases as an alternative to passwords.
Coexistence requirement: The minimum length
of a password phrase depends on whether you have installed the RACF exit ICHPWX11, or the equivalent
exit for your SAF-compliant security product, and whether you have
modified the exit to permit shorter password phrases.
- If you have not installed exit ICHPWX11, password phrases must
be 14 -100 characters in length.
- When the new-password-phrase exit (ICHPWX11) is installed and
is coded to allow shorter password phrases, the password phrase can
be 9-100 characters in length.