Your browser does not allow storing cookies. We recommend enabling them.

Tectia

Creating a User for Batch File Transfers

You can create users specifically for running Tectia Server for IBM z/OS file transfer batch jobs. Batch users need only an OMVS segment. They do not need TSO or passwords.

To create a user, for example SFTUSER, for running batch file transfers, do the following steps:

  1. Create a user, for example using RACF:

    ADDUSER SFTUSER NAME('SSH Tectia Batch User) OWNER(IBMUSER) +
    NOPASSWORD NOOIDCARD +
    OMVS(HOME('/u/SFTUSER') PROGRAM( /nologin ) UID(12345))
    

    The home directory and UID must be unique for each user.

  2. Create the USS home directory /u/SFTUSER for the SFTUSER user. Under it, create the .ssh2 subdirectory for storing the remote server host keys (and optionally user keys and the user-specific ssh-broker- config.xml configuration file). Make SFTUSER the owner of these directories:

    # mkdir /u/SFTUSER
    # mkdir /u/SFTUSER/.ssh2
    # chown -R SFTUSER /u/SFTUSER
    # chmod 700 /u/SFTUSER/.ssh2
    
[Note]Note

If you use ACF2 for system security and have enabled the TSO Command Limiting list, the batch user must have BPXWRTCM permitted.



Want to see how PrivX can help your organisation?

Are you a DEVELOPER accessing cloud hosts, are you a IT ADMIN managing access & credentials in your corporation, are you BUSINESS MANAGER and want to save money or are you responsible of IT SECURITY in DevOps