IBM Mainframe Forum

[00022311]

Our Batch Mainframe Applications Use FTP nightly. What is the scope of work needed to replace FTP and implement /inforce FTPS from the Mainframe to and from Unix, Linux Servers?

[Robert Sample]

The IP Configuration Guide manual in the Communications Server bookshelf has information about what needs to be done. Look particularly at the chapter "Customizing Transport Layer Security and Kerberos security" in this manual. Some of the options selected will depend upon site factors, so there is no one-size-fits-all answer.

[00022311]

Thanks... Robert

[dick scherrer]

Hello and welcome to the forum,

One of my clients is lookking for a way to implement an SFTP client on the mainframe. Seems like IBM has not yet provided this . . .

@Robert - How does FTPS differ from SFTP?

[Robert Sample]

FTPS is an extension of the FTP standard that encrypts the data via SSL (Secure Sockets Layer). The usual pair of FTP ports (21 / 22 on the server, for example) are used for the control and data connections but data encryption is used.

SFTP is based upon Secure Shell (SSH) and uses a single control / data connection instead of the two ports FTP and FTPS use. As such, it is not compatible with FTP nor FTPS. IIRC, public key encryption is used with SFTP whereas FTPS allows negotiation between client and server as to the encryption used.