Hi,
We are getting two different error messages for two jobs that are trying to do SFTP.
Job 1:
debug1: Reading configuration data /export/home/HEATFTP/.ssh/ssh_config
FOTS1842 problem renaming PRNG seedfile from /export/home/CA7/.ssh/prng_seed.BsHjiVp499 to /export/home/CA7/.ssh/prng_seed (EDC5129I
No such file or directory. (errno2=0xEF07602A))
FOTS1945 ssh-rand-helper child produced insufficient data
[89.567] Connection closed
Job 2:
debug1: Reading configuration data /export/home/HEATFTP/.ssh/ssh_config
FOTS1842 problem renaming PRNG seedfile from /export/home/CA7/.ssh/prng_seed.xf33555008 to /export/home/CA7/.ssh/prng_seed (EDC5129I
No such file or directory. (errno2=0xEF07602A))
FOTS1945 ssh-rand-helper child produced insufficient data
[86.725] Connection closed
We need to fix this issue as soon as possible. Please provide the solution to fix this issue permanently.
Please let me know if you need more information.
FOTS1842 problem renaming PRNG seedfile
Re: FOTS1842 problem renaming PRNG seedfile
This is an error in IBM Ported Tools OpenSSH.
See the IBM Ported Tools OpenSSH User's Guide (search for ssh-rand-helper) for suggested setup actions to eliminate this problem.
However, the best thing to do is to install ICSF HCF77A0 (if you don't already have it) and to enable /dev/random support in IBM Ported Tools (see the IBM Ported Tools OpenSSH Users' Guide) or this guide that we have created:
http://dovetail.com/docs/pt-quick-inst/ ... nst-random
Using ICSF will be MUCH better than ssh-rand-helper and you will eliminate these kinds of problems
See the IBM Ported Tools OpenSSH User's Guide (search for ssh-rand-helper) for suggested setup actions to eliminate this problem.
However, the best thing to do is to install ICSF HCF77A0 (if you don't already have it) and to enable /dev/random support in IBM Ported Tools (see the IBM Ported Tools OpenSSH Users' Guide) or this guide that we have created:
http://dovetail.com/docs/pt-quick-inst/ ... nst-random
Using ICSF will be MUCH better than ssh-rand-helper and you will eliminate these kinds of problems
Re: FOTS1842 problem renaming PRNG seedfile
I have come across this problem recently. My additional question is why did our cozbatch job get a return code=0 when getting this error? Is there a way to have cozbatch return an error code when encountering this problem.
I have read the existing response and the IBM doc to add the ZOS_SSH_PRNG_CMDS_TIMEOUT environment variable. Is there an example of adding this environment variable in unix services?
Thanks Matt
I have read the existing response and the IBM doc to add the ZOS_SSH_PRNG_CMDS_TIMEOUT environment variable. Is there an example of adding this environment variable in unix services?
Thanks Matt
Re: FOTS1842 problem renaming PRNG seedfile
COZBATCH exits with a return code based on the exit code from the z/OS Unix shell script that you are running.
I would have to see your shell script to determine why, but you can debug it yourself by adding:
set -x
to the beginning of the shell script and reproduce the problem.
Some notes:
- IBM sftp or CO:Z cozsftp commands will exit with a non-zero exit code if the underlying ssh command fails.
I would have to see your shell script to determine why, but you can debug it yourself by adding:
set -x
to the beginning of the shell script and reproduce the problem.
Some notes:
- IBM sftp or CO:Z cozsftp commands will exit with a non-zero exit code if the underlying ssh command fails.
Re: FOTS1842 problem renaming PRNG seedfile
I ran a test with set -x in the script but the error did not occur as this is an intermittent issue. Not sure if this would indicate anything to you, but what might I look for if the problem happened? tks
CoZBatch N : Copyright (C) 2005-2013 Dovetailed Technologies LLC. All rights res
CoZBatch N : version 2.4.4 2014-03-18
CoZBatch I : executing progname=login-shell="-/bin/sh"
+ remoteuser=xxxxx
+ server=xxx.xxx.xxxx.x
+ servercp=ISO8859-1
+ remotefile=
+ export PASSWD_DSN=//SYS4.TECH.CNTLCARD(PCHSFTPW)
+ export SSH_ASKPASS=/usr/lpp/coz/bin/read_passwd_dsn.sh
+ export DISPLAY=none
+ ssh_opts=-oBatchMode=no
+ ssh_opts=-oBatchMode=no -oConnectTimeout=60
+ ssh_opts=-oBatchMode=no -oConnectTimeout=60 -oServerAliveInterval=60
+ ssh_opts=-oBatchMode=no -oConnectTimeout=60 -oServerAliveInterval=60 -oStrictH
+ /usr/lpp/coz/bin/cozsftp -oBatchMode=no -oConnectTimeout=60 -oServerAliveInter
mvsftp@pwsftp01.classic.pchad.com
+ 0<< EOB
lzopts mode=text,servercp=ISO8859-1
cd /AppFTP/Itemization_Letter_Report
ls -l
Co:Z SFTP version: 2.4.4 (5.0p1) 2014-03-18
Copyright (C) Dovetailed Technologies, LLC. 2008-2013. All rights reserved.
/usr/lpp/coz/bin/read_passwd_dsn.sh prompt: "mvsftp@pwsftp01.classic.pchad.com's
fromdsn(SYS4.TECH.CNTLCARD(PCHSFTPW)) N : 1 records/80 bytes read; 9 bytes writt
Connection established, local_addr=xx.x.xx.xx local_port=23467 remote_addr=xxxx
cozsftp> lzopts mode=text,servercp=ISO8859-1
mode=text servercp=ISO8859-1
cozsftp> cd /AppFTP/Itemization_Letter_Report
cozsftp> ls -l
-rw-rw-rw- 1 0 0 71145 Apr 03 23:52 ITEM0403N.txtDONE
CoZBatch I : returning rc=exitcode=0
CoZBatch N : Copyright (C) 2005-2013 Dovetailed Technologies LLC. All rights res
CoZBatch N : version 2.4.4 2014-03-18
CoZBatch I : executing progname=login-shell="-/bin/sh"
+ remoteuser=xxxxx
+ server=xxx.xxx.xxxx.x
+ servercp=ISO8859-1
+ remotefile=
+ export PASSWD_DSN=//SYS4.TECH.CNTLCARD(PCHSFTPW)
+ export SSH_ASKPASS=/usr/lpp/coz/bin/read_passwd_dsn.sh
+ export DISPLAY=none
+ ssh_opts=-oBatchMode=no
+ ssh_opts=-oBatchMode=no -oConnectTimeout=60
+ ssh_opts=-oBatchMode=no -oConnectTimeout=60 -oServerAliveInterval=60
+ ssh_opts=-oBatchMode=no -oConnectTimeout=60 -oServerAliveInterval=60 -oStrictH
+ /usr/lpp/coz/bin/cozsftp -oBatchMode=no -oConnectTimeout=60 -oServerAliveInter
mvsftp@pwsftp01.classic.pchad.com
+ 0<< EOB
lzopts mode=text,servercp=ISO8859-1
cd /AppFTP/Itemization_Letter_Report
ls -l
Co:Z SFTP version: 2.4.4 (5.0p1) 2014-03-18
Copyright (C) Dovetailed Technologies, LLC. 2008-2013. All rights reserved.
/usr/lpp/coz/bin/read_passwd_dsn.sh prompt: "mvsftp@pwsftp01.classic.pchad.com's
fromdsn(SYS4.TECH.CNTLCARD(PCHSFTPW)) N : 1 records/80 bytes read; 9 bytes writt
Connection established, local_addr=xx.x.xx.xx local_port=23467 remote_addr=xxxx
cozsftp> lzopts mode=text,servercp=ISO8859-1
mode=text servercp=ISO8859-1
cozsftp> cd /AppFTP/Itemization_Letter_Report
cozsftp> ls -l
-rw-rw-rw- 1 0 0 71145 Apr 03 23:52 ITEM0403N.txtDONE
CoZBatch I : returning rc=exitcode=0
Re: FOTS1842 problem renaming PRNG seedfile
Nothing to see here, since you didn't get an ssh command failure, and cozsftp command exited with 0.
If the ssh command fails to start a connection, you should not get a exitcode 0. If the cozsftp command is the last command in your shell script, then its exit code with become the job step CC.
If the ssh command fails to start a connection, you should not get a exitcode 0. If the cozsftp command is the last command in your shell script, then its exit code with become the job step CC.
Re: FOTS1842 problem renaming PRNG seedfile
Thanks, in our case the connection was made successfully, the CD command worked, the last successful command was ls -l, the next command was a get command. I am guessing that the get command was never issued or executed do to the FOTS1842 error so that's why we got the cc=0. That would seem to align with your statement 'If the cozsftp command is the last command in your shell script, then its exit code with become the job step' Does that make sense? I really need to understand the best I can as to what happened here because this problem has to be explained to the powers that be. tks
Re: FOTS1842 problem renaming PRNG seedfile
If the cozsftp command is the last command in the shell script, then its exit code will be used as the job step condition code.
The cozsftp command will issue, under the covers, a IBM Ported Tools "ssh" command. If this fails to connect, say with a FOTS1842, then cozsftp will exit with a non-zero exit code from the cozsftp command.
The *subcommands* of cozsftp (ls, get, put, etc) will affect the cozsftp command exit code. These are not themselves shell commands.
The rules for this differ based on the switches that you are using on the cozsftp command, which seem to have been truncated in your post.
Are you using "-b-" ? The -b switch indicates that the input is a batch of commands, and this affects the cozsftp exit code:
The cozsftp command will issue, under the covers, a IBM Ported Tools "ssh" command. If this fails to connect, say with a FOTS1842, then cozsftp will exit with a non-zero exit code from the cozsftp command.
The *subcommands* of cozsftp (ls, get, put, etc) will affect the cozsftp command exit code. These are not themselves shell commands.
The rules for this differ based on the switches that you are using on the cozsftp command, which seem to have been truncated in your post.
Are you using "-b-" ? The -b switch indicates that the input is a batch of commands, and this affects the cozsftp exit code:
If one of the "termination on error" conditions described above occurs, then cozsftp will exit with a non-zero exit code.-b batchfile
Batch mode reads a series of commands from an input batchfile instead of stdin. Since it lacks user interaction it should be used in conjunction with non-interactive authentication. A batchfile of ‘-’ may be used to indicate standard input. sftp will abort if any of the following commands fail: get, put, reget, reput, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp, lpwd, df, symlink, and lmkdir. Termination on error can be suppressed on a command by command basis by prefixing the command with a ‘-’ character (for example, -rm /tmp/blah*).
Re: FOTS1842 problem renaming PRNG seedfile
Yes, in this script we are using -b- switch