Disablement of SHA-1 cipher suites and limiting anonymous log-in for ECuRep FTP server

News

Abstract

The disablement of SHA-1 cipher suites and limiting the usage of anonymous log-in for the ECuRep FTP server is postponed until the 5th of October 2020.

Content

Discontinue the use of cipher suites with SHA-1

On the 5th October 2020 we will disable cipher suites that use SHA-1 hashing algorithms.
Make sure that your FTP client supports current encryption options.

Limiting anonymous FTP server usage

The use of the plain FTP servers, ftp.ecurep.ibm.com, and ftp.ap.ecurep.ibm.com, is limited to PDUU and SDDUU tool uploads on the 5th of October 2020.

Only authenticated FTPS (FTP over TLS) and SFTP (FTP over SSH) will be supported for manual FTP uploads. Anonymous login to sftp.ecurep.ibm.com, ftps.ecurep.ibm.com, sftp.ap.ecurep.ibm.com and ftps.ap.ecurep.ibm.com will not be possible starting the 5th of October.

We strongly recommend using the new servers that enforce encryption and authentication today. The current FTP options are described on the Send data (FTP) page.

Only the Java utility IBM ® Secure Diagnostic Data Upload Utility (SDDUU) and the IBM z/OS® Problem Documentation Upload Utility (PDUU) will be able to use these servers after October 5th 2020. These utilities do not enforce transport layer encryption because they support end-to-end encryption of the data transferred. It is strongly recommended to use HTTPS for PDUU uploads because there is no need to manually activate the included end-to-end encryption option. We are working on a new version of SDDUU supporting HTTPS. Anonymous FTP support for both tools is planned to be discontinued in future.

A list of all supported methods for sending data to ECuRep is available on the Send data overview page.

Testcase.boulder.ibm.com is not affected by this change.

Related Information

My Notifications

Enhanced Customer Data Repository (ECuRep) - Overview

Enhanced Customer Data Repository (ECuRep) - Send data

Enhanced Customer Data Repository (ECuRep) - Send data (FTP)

Enhanced Customer Data Repository (ECuRep) - Send data (Java utility)

Enhanced Customer Data Repository (ECuRep) - Send data (z/OS® utility)

[{"Business Unit":{"code":"","label":""},"Product":{"code":"ECUREP","label":"ECuRep notice"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)","Line of Business":{"code":"","label":""}}]

Product Synonym

ECuRep

Was this topic helpful?

Document Information

Modified date:
11 August 2020

UID

ibm16254698

Tips