[Contents] [Index]

About This Document >>     Installing SSH Tectia Server for IBM z/OS >>     Getting Started with SSH Tectia Server for IBM z/OS >>     Configuring the Server >>     Authentication >>     System Administration >>     File Transfer Using SFTP >>         Creating a User for Batch File Transfers         Controlling File Transfer>>     Secure File Transfer Using Transparent FTP Security >>     Tunneling >>     Troubleshooting SSH Tectia Server for IBM z/OS >>     Man Pages and Default Configuration Files >>     Log Messages >>

Creating a User for Batch File Transfers

You can create users specifically for running SSH Tectia Server for IBM z/OS file transfer batch jobs. Batch users need only an OMVS segment. They do not need TSO or passwords.

To create a user, for example SFTUSER, for running batch file transfers, do the following steps:

1. Create a user, for example using RACF:

   ADDUSER SFTUSER NAME('SSH Tectia Batch User) OWNER(IBMUSER) + NOPASSWORD NOOIDCARD + OMVS(HOME('/u/SFTUSER') PROGRAM( /nologin ) UID(12345))

   The home directory and UID must be unique for each user.

2. Create the USS home directory /u/SFTUSER for the SFTUSER user. Under it, create the .ssh2 subdirectory for storing the remote server host keys (and optionally user keys and the user-specific ssh-broker-config.xml configuration file). Make SFTUSER the owner of these directories:

   # mkdir /u/SFTUSER
   # mkdir /u/SFTUSER/.ssh2
   # chown -R SFTUSER /u/SFTUSER
   # chmod 700 /u/SFTUSER/.ssh2
   

Note: If you use ACF2 for system security and have enabled the TSO Command Limiting list, the batch user must have BPXWRTCM permitted.