View Full Version : SFTP and zipping with password protection?
04-30-2007, 09:21 AM
Have you considered doing it pc-route? Then, there are several clients available, free or under $50 that will do the job. I needed HIPAA compliant transfer of documents using SFTP, and went PC route due to cost. I didn't need to zip, so once documents are in an IFS directory, trnasfer is just a click away. If you want to zip, you will need to transfer to pc first unless you use zip on 400.
04-30-2007, 01:37 PM
Hello, We actually already use the PC, but we are trying to remove the multiple platform/environment jumps from the whole process. The main question is about zipping and SFTP on and from the AS400 only. Thanks though
04-30-2007, 06:07 PM
I hope someone has a better answer for you, but we faced the same headaches in trying to automate processes where we needed a password-protected file sent from the 400. You can use qshell to use the jar command, and that will make a zip-compatible file. however, we found no way to password-protect it. We finally bit the bullet and bought pkzip for the 400.
05-01-2007, 04:54 AM
How has your experience been with pkzip for the 400? I'm assuming because you needed the password protection you bought the SecureZip version? This has been the only other product I've seen for the AS400 besides Linoma's that does this sort of thing. I'd love to know your experiences with this. Thanks! Do you send SecureFTP with another product as well?
05-01-2007, 05:09 AM
We have used PKZip for several years and have been quite happy with it. We are a healthcare organization and the password protection is needed for HIPAA compliance. As for SFTP, we ftp to a couple of sites using *SSL, but that is setup on their end. HTH, Joe
05-02-2007, 06:18 AM
First question: do you really need to password-protect the file? SFTP already uses a secure, encrypted channel. That takes care of security for the file while in transit. If you're worried that the file needs to be protected even after it arrives, then you'll need password protection. PKZIP is certainly one way to go, and may be worth it. However, if you have the PASE environment installed, it's possible to copy the AIX version of Gnu Privacy Guard to the AS400. This is an OpenPGP compatible encryption program that lets you encrypt the file using the recipient's public encryption key, so only the recipient can decrypt it. It's a little more complicated than a straight password-protected zip file, but considerably more secure, and eliminates having to communicate passwords back and forth. Once set up, it's generally easier to use.
05-02-2007, 08:37 AM
We just purchased the product, and I am just now implementing the production code to archive an ifs file and password protect it. These don't go sFTP, but through email attachments via our Domino system. A third party created an agent that allows us to create email headers and attachment files in the IFS, and then domino will wake up at intervals and send the stuff. This is similar in function to the CGIDEV tools EMLSTMF and such, but going with domino meant we had to give up some of the basic pop3/smtp tools we had used previously. One of the other posters made the point that there are alternate methods to ensure security. But in our case, this is government to government or payroll to financial institution transfer. The other side makes the rules, and generally don't want to work with us to find alternate solutions. If they say pkzip with a password, that's what we have to deliver. "Everybody has PCs and pkZip, right. And by the way, what kind of windows server runs your business?", etc. The product looks like it has a number of other useful features, but the purchase was completely driven by our need to automate processes, much like the original poster. It is too late for us now, but if Linoma or other vendors have competitive products that address this, then they should be considered.
05-03-2007, 05:19 AM
Hello, The protocols are required by our processing company and non-negotiable. Thank you for the information though. It is good to know for future projects. :) Thank you!
05-03-2007, 09:36 AM
I agree with thenderson. You can use PASE to transmit using SFTP protocol. Zip processing is also available using JAVA inside of PASE (search this website, and IBM's), however I'm not sure about zip password protection using this method. "Bringing Zip and Unzip to OS/400 PASE and Qshell Environments" http://www.redbooks.ibm.com/abstracts/tips0283.html Since I have seen references to both, I want to clarify something, SFTP (FTP over SSH) is NOT the same as FTP/SSL or FTP using *SSL. These are 2 different protocols. http://en.wikipedia.org/wiki/FTP_over_SSH#FTP_over_SSH http://en.wikipedia.org/wiki/FTPS The only issue we had implementing SFTP was how login was handled. Specifically, you cannot emmbed the username/password combination in the SFTP command. Because of this issue, we opted for SFTP using Public/Private certificates rather than username/passwords. The documents @ IBM show how to set this up step by step. http://www-03.ibm.com/servers/enable/site/porting/tools/openssh.html Hope this helps!
05-03-2007, 09:39 AM
Hello, I am researching how to setup a SFTP client [using SSH2 protocol] and something that will zip and password protect files for us on the AS400. Has anyone had any experience with this and could recommend any particular tools? I have found Linoma's Transfer Anywhere, which does handle both of these, but it looks to be a much more powerful (and more expensive) tool than we were hoping for. It has not been ruled out, as we could put it to other uses in the future, but I'm hoping there are cheaper alternatives out there... Also these would be used in a process that we would want to be able to automate entirely. Any and all information is hugely appreciated. Thank you!
05-03-2007, 09:39 AM
Also this http://www.gzip.org/
02-25-2011, 07:37 PM
You may also want to check out GoAnywhere Director from Linoma Software at www.GoAnywhereMFT.com . It allows you to perform both ZIP and SFTP operations natively on the iSeries. All the operations produce audit trails for compliance reporting. It also includes support for other protocols like Open PGP, FTPS, HTTPS, AS2 and email. All the transfers in GoAnywhere Director can be run either through the GoAnywhere scheduler or from your CL and RPG programs. A free trial is available on Linoma's web site.
Powered by vBulletin® Version 4.1.5 Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.