Note on usage

Function: Enter a partner in the partner list

User group: FT administrator

Functional description

You use the ftaddptn command to enter a partner system in the local system's partner list.

Format

ftaddptn -h |

[ <partner name 1..8> ]
-pa=<partner address 1..200>
[ -id=<identification 1..64> | -id= ]
[ -ri=<routing info 1..8> | -ri=@i | -ri= ]
[ -ptc=i | -ptc=a | -ptc= ]
[ -sl=1..100 | -sl=p | -sl= ]
[ -pri=l | -pri=n | -pri=h ]
[ -st=a | -st=d | -st=ad ]
[ -ist=a | -ist=d ]
[ -am=y | -am=n ]
[ -rqp=p | -rqp=s ]
[ -rco=n | -rco=f | -rco= ]
[ -tr=n | -tr=f | -tr= ]
[ -nsap=<AFI 36 | .. | 59>.[<IDI 0..15>][.<DSP 0..38>] | 2..40 ]
[ -cl=0/- | -cl=2/0 | -cl=2/2 ]
[ -ws=<1..127> ]
[ -ps=16 | 32 | 64 | 128 | 256 | 512 | 1024 | 2048 | 4096 ]
[ -cud=<2..32> ]
[ -cug=<0..9999> ]
[ -thr=75 | 150 | 300 | 600 | 1200 | 2400 | 4800 | 9600 |

19200 | 48000 | 64000 | 128000 | 192000 ]

[ -rch=y | -rch=n ]
[ -sif=[0][,1][,2][,3]..[,15] ] (Linux systems)
[ -sif=<0..3>:<0..3>[,<0..3>:<0..3>]..[,<0..3>:<0..3>] ] (Windows systems)
[ -kl=  | -kl=FTOPT | -kl=0 | 768 | 1024 | 2048 | 3072 | 4096 ]
[ -klmin=  | -klmin=FTOPT | -klmin=0 | 768 | 1024 | 2048 | 3072 | 4096 ]

Description

-h

Displays the command syntax on the screen. Entries after the -h are ignored.

partner name

This is the name to be used to enter the partner system in the partner list. The name may consist of 1 to 8 alphanumerical characters. The first character must be a letter and no distinction is made between uppercase and lowercase. The name can be chosen freely and need only be unique within openFT.

partner name not specified

Specifies that the partner is a dynamic partner.

I.e. you assign one or more attributes that are different from the corresponding default values, e.g. -tr=n (activate trace).

Please note:

-pa=partner address

You use -pa to enter the address of the partner system in the following form:

[protocol://]host[:[port].[tsel].[ssel].[psel]]

host (= computer name) is mandatory; all other specifications are optional.

For details concerning address specifications, see section “Specifying partner addresses”.

-id=identification | -id=

Identification unique in the network of the openFT instance in the partner system. In the case of FTAM partners, it is possible to specify an Application Entity Title in the form n1.n2.n3.n4..mmm as the identification. n1, n2 etc. are positive integer values which describe the "Application Process Title". n1 can only have the values 0, 1 or 2, n2 is restricted to values between 0 and 39 if n1 does not have the value 2. The optional Application Entity Qualifier mmm must be separated from the values of the Application Process Title by two periods. Please refer to the openFT manual "Concepts and Functions", section "Special points for file transfer with FTAM partners" for details.

-id must not be specified for FTP partners!

Identification not specified

The specification of -id= means that the host (host name) is used for identification for the openFT and FTADM protocol.

Default value: host (host name) for the openFT and FTADM protocol, otherwise blank.

-ri=routing info | -ri=@i | -ri=

If the partner system can only be accessed via an intermediate instance then you specify the address information to be used for routing by the intermediate instance in routing info.

@i for routing info

The instance identification specified in -id= is used as the routing information.

neither @i nor routing info specified (default value)

The specification of -ri= (without parameters) means that the partner system can be accessed directly, i.e. without an intermediate instance.

-ptc=i | -ptc=a

You can use -ptc to modify the operating parameter setting for sender verification on a partner-specific basis. These settings only affect partners which are connected via the openFT protocol and do not operate with authentication (e.g. partners with openFT V8.0 or earlier).

i (identification)

Deactivates checking of the transport address. Only the partner's identification is checked. The partner's transport address is also not checked even if extended sender verification is globally active (see the ftmodo command).

a (address)

Activates checking of the transport address. The partner's transport address is checked even if checking of the transport address is globally deactivated (see the ftmodo command).

If the transport address under which the partner logs on is not the same as the entry in the partner list then the request is rejected.

neither i nor a specified (default value)

-ptc= (without parameters) means that the operating system parameters apply to sender verification.

-sl=1..100 | -sl=p | -sl=

You use this option to assign a security level to the partner system.

A low security level means that the need for protection towards this partner is low, for instance because the partner's identity has been authenticated using cryptographic methods, which means that you can be certain that the partner is genuinely who they claim to be.

A high security level means that the need for protection towards this partner is high, because the identity of the partner has only been determined on the basis of their address, for instance, and that no authentication has been performed using cryptographic methods.

1..100

Assigns a fixed security level to the partner. 1 is the lowest and 100 the highest security level.

All integers 1 through 100 are permitted.

p

Security level not specified (default value)

-sl= (without parameters) means that the operating parameter setting for the security level applies (see the ftmodo command).

-pri=l | -pri=n | -pri=h

-pri allows you to specify the priority of a partner in respect of processing requests that have the same request priority. This means that the partner priority only applies in the case of requests that have the same request priority, but that are issued to partners with a different partner priority.

l (low)

The partner is assigned a low priority.

n (normal, default)

The partner is assigned a normal priority.

h (high)

The partner is assigned a high priority.

-st=a | -st=d | -st=ad

This option allows you to control how locally submitted asynchronous file transfer requests to the specified partner system are processed.

a (active, default value)

Locally submitted asynchronous file transfer requests to this partner system are processed if the asynchronous openFT server is started.

d (deactivated)

Locally submitted asynchronous file transfer requests to this partner system are initially not processed but are stored in the request queue.

ad (automatic deactivation)

Multiple consecutive unsuccessful attempts to establish a connection to this partner system result in its deactivation. The maximum number of unsuccessful attempts is 5. If you want to perform file transfer again with this system, you must explicitly activate it with ftmodptn -st=a.

The maximum number of such unsuccessful attempts is 5. After a connection has been established successfully, the counter is reset to 0.

-ist=a | -ist=d

This option allows you to control how file transfer requests issued remotely by the specified partner system are processed.

a (active, default value)

File transfer requests issued remotely by this partner system are processed if the asynchronous openFT server is started.

d (deactivated)

Synchronous file transfer requests issued remotely by this partner system are rejected. Asynchronous file transfer requests issued remotely by this partner are stored there and cannot be processed until this partner is activated again with -ist=a.

-am=n | -am=y

You can use this option to force partner authentication.

n (default value)

Authentication is not forced, i.e. this partner is not restricted with regard to authentication.

y

Authentication is forced, i.e. requests are only processed if the local system is successfully able to authenticate the partner.

-rqp=p | -rqp=s

You use this option (rqp = request processing) to control whether asynchronous outbound requests to this partner are always run serially or whether parallel requests are permitted.

p (parallel, default value)

Parallel connections to this partner are permitted.

s (serial)

Parallel connections to this partner are not permitted. If multiple file transfer requests to this partner are pending then they are processed serially. A follow-up request is not started until the preceding request has terminated.

-rco=n | -rco=f | -rco=

With this option (rco = recovery outbound) you can switch on and off the restart function for outbound requests. The parameter has no impact if the implementation of the file transfer protocol (FTP) or type of request (e.g. preprocessing, synchronous orders) does not permit a restart.

n (on)

the restart is always activated for this partner for outbound requests.

f (off)

the restart is deactivated for this partner for outbound requests.

neither n nor f specified (default value)

-rco= (without parameters) means that the restart operability for outbound requests depends on the setting in the operating parameters, see the ftmodo command.

-tr=n | -tr=f | -tr=

You can use this option to modify the operating parameter settings for the partner selection for the openFT trace function on a partner-specific basis.

n (on)

The trace function is active for this partner. However, a trace is only written if the openFT trace function has been activated via the operating parameters. In this case, this setting for ftaddptn takes priority over the partner selection for the trace function in the operating parameters. See the ftmodo command, -tr and -trp options.

f (off)

The trace function is deactivated for this partner.

neither n nor f specified (default value)

-tr= (without parameters) means that the global setting for partner selection in the openFT trace function applies (see the ftmodo command).

You can use the following options to enter an X.25 partner in the local system's partner list. The usage of these options is only allowed if the partner address (option -pa) has a valid
X.25 address (beginning with %x25).

-nsap=<AFI 36 | .. | 59>.[<IDI 0..15>][.<DSP 0..38>] | 2..40

-cl=0/- | -cl=2/0 | -cl=2/2

The proposed and alternative transport protocol class according to ISO 8073 can be defined for the connection set-up to the remote application.

The specification of the transport protocol class is optional. The transport protocol class 2/0 is used as default.

-ws=<1..127>

You can define the window size. A differentiation between incoming/outgoing window size is not possible. The format is a decimal number.

The specification of the window size is optional.

-ps=16 | 32 | 64 | 128 | 256 | 512 | 1024 | 2048 | 4096

The package size can be selected. A differentiation between incoming/outgoing package size is not possible.

The specification of the package size is optional.

-cud=<2..32>

The transport protocol identification (max. 32 hexadecimal digits) can be specified if it is expected of the X.25 connection-set up to the remote application. It is sent as Call User Data for the connection set-up.

The specification of the user data is optional.

-cug=<0..9999>

You can define a closed user group consisting of up to 4 decimal digits.

The specification of the closed user group is optional. If the closed user group is not specified, no value is specified in the X.25 connection set-up.

-thr=75 | 150 | 300 | 600 | 1200 | 2400 | 4800 | 9600 | 9200 | 48000 | 64000 | 128000 | 192000

The throughput class can be selected. A differentiation between incoming/outgoing throughput class is not possible.

The specification of the throughput class is optional. If the throughput class is not specified, no value is specified in the X.25 connection set-up.

-rch=y | -rch=n

You can define the charge transfer.

The value range is: y (yes) or n (no).

The specification of the charge transfer class is optional. If the charge transfer is not specified, no value is specified in the X.25 connection set-up.

-sif= <0..3>:<0..3>[,<0..3>:<0..3>]..[,<0..3>:<0..3>] ( Windows systems )
-sif=[0][,1][,2][,3]..[,15] ( Linux systems )

Specify the line which is to be used as alternative line if there is a failed connection setup to the remote system. Up to 5 lines can be specified separated by a comma.

If the connection set-up via the line specified in the partner address does not work, the connection set-up is attempted using the sequence of line numbers specified here. The specification of one or more alternative lines is optional.

A line is uniquely defined via the combination of adapter number: line number under Windows and via the adapter number under Linux.

The adapter and line numbers specified here must be configured accordingly in the configuration program for the FarSync X.25 cards.

-kl=  | -kl=FTOPT | -kl=0 | 768 | 1024 | 2048 | 3072 | 4096

The parameter can be used to change the length of the RSA key used in encryption. The value of the kl parameter specifies the new RSA key length (RSA-PROPOSED) in bits. The RSA key is only used for the encryption of the AES key agreed between the partners. The configured key length for RSA proposal must be greater than or equal to the specified minimum key length, otherwise a warning will be issued and the proposed key length will be adapted to the minimum key length.

-kl=  | -kl=FTOPT

Empty string or “FTOPT” option specifies, that key value will be taken from global openFT options displayed via “ftshwo” command. Either both of key values (RSA-PROPOSED and RSA-MINIMUM) need to be set to “FTOPT” or none. Combination of one key having global value and second local partner value (0 … 4096) is not allowed and in such situation’s keys, warning will be issued and keys will be adjusted automatically to “FTOPT value.

-kl=0

-kl=0 explicitly deactivates encryption. If this is set during operation, then any requests with encryption (prior to ftmodo -kl=0) that have been submitted but not yet started are aborted with errors. Any running requests are processed, and their encryption is retained. New requests using encryption are rejected.

-kl=768 | 1024 | 2048 | 3072 | 4096

Standard values for RSA-PROPOSAL encryption. Values from 0 to 4096 take priority over the ones specified in global openFT option visible via ftshwo command.

Default setting following update, export from openFT before version 12.1C70 or not specifying value: -kl=FTOPT.

When only RSA-PROPOSAL is specified during addition of partner (without specifying RSA-MINIMUM), then both parameters will be set to global FTOPT values.

-klmin=  | -klmin=FTOPT | -klmin=0 | 768 | 1024 | 2048 | 3072 | 4096

This option specifies the minimum RSA key length.

-klmin=  | -klmin=FTOPT

Empty string or “FTOPT” option specifies, that key value will be taken from global openFT options displayed via “ftshwo” command. Either both of key values (RSA-PROPOSED and RSA-MINIMUM) need to be set to “FTOPT” or none. Combination of one key having global value and second local partner value (0 … 4096) is not allowed and in such situation’s keys, warning will be issued and keys will be adjusted automatically to “FTOPT value.

-klmin=0

No minimum key length is specified. Any key length and even requests without encryption will be accepted.

-klmin=768 | 1024 | 2048 | 3072 | 4096

Standard values for RSA-MINIMUM encryption. Only keys of the specified length or larger ones will be accepted. If the initiator uses a key of a lower length there will be a counter proposal by the responder of the session. Sessions without encryption will not be accepted. That means: Since an RSA key set is always created on the open platforms during installation, an RSA key is always sent in the protocol during the subsequent data transfer. If this key is deleted and the partner requests encryption, then the partner rejects the connection with s Session Reject (SRJ) "connection not accepted without encryption".

Values from 0 to 4096 take priority over the ones specified in global openFT option visible via ftshwo command.

Default setting following update, export from openFT before version 12.1C70 or not specifying value: -klmin=FTOPT.

When only RSA-PROPOSAL is specified during addition of partner (without specifying RSA-MINIMUM), then both parameters will be set to global FTOPT values.

During modification of partner, when both keys are set to global “FTOPT” and user modifies only one key to local value, then warning will be prompted and both key values will be adjusted to value specified by user. Additionally, when both keys are set to one of local values and user modifies only one key to global value, then warning will be prompted and both key values will be adjusted to “FTOPT”.

Example for an X.25 partner on Windows systems

Example for an X.25 partner on Linux systems

ftaddptn mchx25 -pa=%x25[123456789012345%0] -nsap=43,123,45678901 
-cud=12345678901234567890123456789012 -cug=9999 -rch=n -ws=7 
-ps=4096 -thr=192000 -cl=2/2 -sif=1.2