ibmi-brunch-learn

Announcement

Collapse
No announcement yet.

SFTP ports in commands

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    SFTP ports in commands

    For make sftp do we provide also the port? and it is necessary how can I handle it?
    I received also two ports from the person who makes the setup on the other server and I don't know what I have to do with it?

    I know that I am able to run under QSH the following statement:
    sftp -b /home/user_as400/script_file.txt user_remote_system@remote_system
    where can I include the port?
    Thanks
    Tags: None
  • #2
    Recent versions allow you to specify the port with the -P switch

    Code:
    sftp -P 8022 -b /path/to/script user@host.com
    In older versions you had to use the -o (option) switch with the config file oprtion.

    Code:
    sftp -oPort=8022 -b /path/to/script user@host.com

    Comment

    • #3
      Thanks Scott for explanations.

      Comment

      • #4
        One more question please, if I have the "@" character in the name of the user profile it will be able to make the ssh transfer?
        Because in the sftp command we have the syntax sftp -b /path-for-script-file user_profile@remote_system

        it will knows where the name of the user profile ends and where the name of the remote system starts?

        Comment

        • #5
          Sorry, I have never used a userid with @ in it, so I don't know if it'll cause problems or not, you'll have to try it and see.


          I'd suggest that it might not be a good idea to have users with @ symbols in their names, since this symbol is also used as a divider in e-mail addresses as well as in sftp command syntax. So, I would strongly recommend you avoid putting it into your userids if you have any choice in the matter.

          Comment

          • #6
            One more question please, to make all the setup necessary on the AS400 side to allow the sftp transfer what I have to do?
            the actual situation is that: - I have an user profile configured for sftp, it already exists in the IFS under the /home directory a directory named with user profile and in this directory exists a folder .ssh, visible with iseries navigator, not with wrklnk on AS400.
            in this folder I have several files:
            authorized_keys
            id_dsa
            id_dsa.pub
            known_hosts

            I sent the id_dsa.pub to the person which handle the other server. but it doesn't work, he told me that I have to send him the public key..
            Do I have to modify something on the known_hosts? or another configuration on the AS400 side?

            Thanks in advance

            Comment

            • #7
              I have the following after the running in batch the CLLE which have to make the sftp - I redirected the output in a IFS file log
              hostkeys_foreach: reading file "/HOME/USER_SFTP/.ssh/known_hosts"
              Host key verification failed.
              Connection closed.

              It's possible to have another public key from the remote system which I have to load into AS400?
              And if the answer is yes what I have to do?
              I don't have the password for the user profile who is setup for the ssh transfer on the AS400, I run the program in batch, under this user with SBMJOB CMD(CALL PGM(MY_SFTP_PGM) USER(USER_SFTP)
              How can I make the necessary setup?
              From my side I sent them the public key from AS400, id_dsa.pub who was in the .ssh folder in IFS

              Comment

              • #8
                Originally posted by voicucosmin90 View Post
                with user profile and in this directory exists a folder .ssh, visible with iseries navigator, not with wrklnk on AS400.
                By default, WRKLNK doesn't show hidden files/directories. You can change that behaviour by prompting the WRKLNK command and specifying *ALL for the display option. It will remember it from then on for your user ID.

                I sent the id_dsa.pub to the person which handle the other server. but it doesn't work, he told me that I have to send him the public key..
                Do I have to modify something on the known_hosts? or another configuration on the AS400 side?
                id_dsa.pub is the public key and there shouldn't be anything further for you to send.
                When you downloaded it, how did you do that? FTP? Did you use ASCII or BINARY mode? The public keys are plain text so I think it should be downloaded in ASCII mode.

                You can manually test the connection by using the following from within qshell (STRQSH):
                ssh -i /home/<sftp user id>/.ssh/id_dsa -T user@system

                If it asks for a password, the key hasn't been set up properly. Otherwise, you should login automatically.

                Comment

                • #9
                  Originally posted by john.sev99 View Post

                  You can manually test the connection by using the following from within qshell (STRQSH):
                  ssh -i /home/<sftp user id>/.ssh/id_dsa -T user@system

                  If it asks for a password, the key hasn't been set up properly. Otherwise, you should login automatically.
                  Can I make this with my user profile? Mentioned that I don't have the password for the user profile configured for SSH transfer.

                  Comment

                  • #10
                    I ran this command with my user profile in STRQSH ( not this for ssh transfer) and I have the following:

                    $
                    ssh -i /home/SSH_USER_PROFILE/.ssh/id_dsa -T "USER@REMOTE_SYSTEM"@NAME_REMOTE_SYSTEM
                    The authenticity of host 'NAME_REMOTE_SYSTEM (10.X.XX.XX)' can't be established.
                    RSA key fingerprint is SHAXXX.
                    Are you sure you want to continue connecting (yes/no)?
                    yes
                    Warning: Permanently added 'NAME_REMOTE_SYSTEM,10.X.XX.XX' (RSA) to the list of known hosts.
                    USER@REMOTE_SYSTEM's password:


                    does mean that it is a problem?

                    Comment

                    • #11
                      It is possbile to have also a public key from their side? which I have to load into the known_hosts file in IFS of AS400?
                      Maybe this is the reason, it is possible? what do you think? the public key from AS400, id_dsa.pub has been already sent to the other server.
                      Thanks

                      Comment

                      • #12
                        Did it ask for a password when you used the SSH.... command? If not, that suggests you have logged in using the keys. You should be able to enter some commands such as cd, ls etc. If it asked for a password then the keys haven't been set up correctly.
                        The warning that is issued occurs the first time you connect to a system. Responding with a yes means an entry will be added to the /home/<sftp user id>/.ssh/known_hosts file for that system/ip address. It shouldn't come up with that message again unless something changes.

                        It's been a very long time since we set up sftp but I don't recall needing a public key from the remote system and I don't see one in the .ssh directory.

                        Comment

                        Previous template Next
                        Working...
                        X