We are pleased to announce today a new release of the Co:Z
Toolkit: 1.5.0
This release makes it possible to use your SAF/RACF Keyring to
authenticate a Co:Z SFTP or Co:Z Launcher session. This may be used
as an alternative to a password or SSH private key. The remote SSHD
server does not require any special support: Co:Z adapts the SSL
client certificate and key stored in SAF(RACF) and uses these to sign
client authentication requests. The private key is never removed from
RACF, and may be stored in ICSF. Under the covers, we use the same
System SSL (gsk*) APIs used by the IBM FTP client, so third-party
security products that are compatible with Systems SSL and SAF digital
certificates should work as well.
Other changes include:
- Enhanced Co:Z Launcher console communication
- The Dataset Pipes "todsn" now allows explicit DD name specification
- The cozsftp client was changed to use unnamed pipes to "ssh" instead
of Unix domain sockets; this corrects hangs and slow performance that
could otherwise occur in some circumstances
- Co:Z SFTP was fixed to use normal ASCII linefeed (x'0a') for HFS/zFS
files in the case that system codepage conversions specify ASCII NEL
(x'85).
Here is a link to the new package:
http://dovetail.com/downloads/coz/coz-1.5.0.bin
Here are some documentation links for the new SAF certificate function:
Setting up certificates:
http://dovetail.com/docs/coz/auth.html#auth-racf
Using certificates with Co:Z Launcher:
http://dovetail.com/docs/coz/running.html#running_racf
Using certificates with Co:Z SFTP:
http://dovetail.com/docs/sftp/client.ht ... batch_cert
Please feel free to post any questions or problems to this forum.