SSH Tectia  
Previous Next Up [Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Authentication >>
    System Administration >>
    File Transfer Using SFTP >>
    Secure File Transfer Using Transparent FTP Security >>
        Introduction to Transparent FTP Security
        Configuring SOCKS Proxy >>
        Creating the SSHSP User
        Running SOCKS Proxy >>
        Configuring FTP >>
        Examples of Transparent FTP Security>>
            System-Wide Transparent FTP Tunneling or FTP-SFTP Conversion with Fallback
            JCL-Specific Transparent FTP Tunneling or FTP-SFTP Conversion
    Tunneling >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Man Pages and Default Configuration Files >>
    Log Messages >>

JCL-Specific Transparent FTP Tunneling or FTP-SFTP Conversion

In this example, transparent FTP tunneling or FTP-SFTP conversion is configured per FTP JCL job using a SYSFTPD DD statement.

Do the following steps:

  1. Copy the /opt/tectia/etc/ssh-socks-proxy-config-example.xml configuration file to /opt/tectia/etc/ssh-socks-proxy-config.xml.
  2. (FTP-SFTP conversion only) If you want to use FTP-SFTP conversion, edit the configuration file and change the value of the action attribute to "ftp-proxy":
      <filter-engine>
         <rule ip-address=".*"
                 ports="21"
                 action="ftp-proxy"
                 profile-id="id1"
                 username-from-app="YES"
                 hostname-from-app="YES"
                 fallback-to-plain="NO" />
      </filter-engine>
    
  3. Start the SOCKS Proxy if it is not already running.
  4. Create a new FTP configuration file EXAMPLE.SSHFTP.FTPDATA with the following contents:
    SOCKSCONFIGFILE  EXAMPLE.JCL.SOCKS.CONF
    FWFRIENDLY       TRUE
    
  5. Create a new socks configuration dataset EXAMPLE.JCL.SOCKS.CONF with the following contents:
    sockd @=127.0.0.1 0.0.0.0 0.0.0.0
    
  6. Modify your existing FTP JCL to use SOCKS by adding a SYSFTPD DD statement, for example:
    //FTP       EXEC PGM=FTP,PARM='company.example.com (EXIT=8'
    //SYSPRINT  DD  SYSOUT=*
    //SYSFTPD   DD  DSN=EXAMPLE.SSHFTP.FTPDATA,DISP=SHR
    //SYSIN     DD  *
    userid   passwd
    ascii
    get test.file 'USERID.FTP.TEST'
    quit
    /*    
    

Previous Next Up [Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2011 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice