ACTION REQUIRED: Blue Diamond SSH Key Replacement on September 8, 2025.

Previous topic - Next topic
Print
Go Down Pages1
User actions

Ed_Arnold

September 02, 2025, 02:29:15 PM
Audience:    Anyone who uploads files to Blue Diamond using the SFTP protocol.

Description:    The current RSA SSH key, used to establish a connection to the Blue Diamond FTP server, will be replaced by an ECDSA (Elliptic Curve Digital Signature Algorithm) key. This change will affect anyone who uploads files to Blue Diamond using the SFTP protocol via command line or FTP clients such as FileZilla or WinSCP.

Effective Date:    September 8, 2025.

Action/Impact:    The current RSA SSH key, used to establish a connection to the Blue Diamond FTP server, will be replaced with an ECDSA key on September 8, 2025. Anyone using the SFTP protocol must accept the new key on or after this date in order to continue uploading files to Blue Diamond.

Implementing the new ECDSA key
•   Command line (sftp/scp) - Update your "known_hosts" file (this process varies between different OS. If in doubt, please refer to your System Admin or appropriate documentation)
o   If your known_hosts file has plain text hostnames (not hashed values):
�   Backup your "known_hosts" file
�   Get the new key from the Blue Diamond FTP Server and add it to your known_hosts file

ssh-keyscan -t ecdsa msciftpgw.im-ies.ibm.com >> ~/.ssh/known_hosts
o   For hashed hostnames/ip in known_hosts file:
�   Backup your "known_hosts" file
�   Get the new key from the Blue Diamond FTP Server and add it to your known_hosts file

ssh-keyscan -t ecdsa -H msciftpgw.im-ies.ibm.com >> ~/.ssh/known_hosts
•   FTP clients (ie. FileZilla or WinSCP) - When you attempt to connect to the Blue Diamond FTP server using these Windows tools, you will be prompted to add the new key to the cache.  When prompted, click "Always trust this host, add this key to the cache" and click OK.

•   zOS: Ensure your OS version supports ECDSA IBM zOS Support Doc at https://www.ibm.com/docs/en/zos/3.1.0?topic=ssl-elliptic-curve-cryptography-support

Support/Contact:    For more information or to request support, please email sdsmsci@us.ibm.com

Additional information:    For up-to-date status information on Blue Diamond Services, visit our Status Page at Blue Diamond Status Page at https://status.im-ies.ibm.com/index.html?continue




#zOS #ODF
Print
Go Up Pages1
User actions
SMF 2.1.4 © 2023, Simple Machines
ProCurve Theme Made By : TwitchisMental