- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: Batch mode FTP over SSL?
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-19-2005 01:56 PM
тАО10-19-2005 01:56 PM
Batch mode FTP over SSL?
Can someone please tell me whether it's feasible to use a VMS 7.3-2 TCP/IP 5.4 system as an FTP-over-SSL (FTPS) client to copy files in batch mode? Would I need to buy an SSL-enabled FTP client program for the VMS system? Is the SSL / FTPS learning curve worse than the SSH learning curve?
I looked at a December 2004 thread in this forum ("SSL Enabled FTP Client for OpenVMS") that sounded relevant, but I didn't find that thread helpful. It seemed to talk about SSH more than SSL. I also did a Google search on comp.os.vms, but I didn't see anything in the threads that I looked at that answered my questions.
- Duane
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-19-2005 09:26 PM
тАО10-19-2005 09:26 PM
Re: Batch mode FTP over SSL?
Have a look at the free cURL program
http://curl.haxx.se/download.html#VMS
It claims to support FTPS.
(And no, I have no experience with it).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-20-2005 06:27 AM
тАО10-20-2005 06:27 AM
Re: Batch mode FTP over SSL?
There are certain limitations using SFTP and SCP with TCPIP V5.3 and V5.4.
But TCPIP V5.5 seems working fine.
I have pasted those para below which talks about those limitations.
=======================================
3.5.2 SSH File Copy Restrictions
├в ┬в On OpenVMS, setting the ForcePTTYAllocation keyword to YES in the
SSH2_CONFIG. file can result in failures when performing file copy operations. (In other implementations of SSH, setting the keyword ForcePTTYAllocation to YES in the SSH2_CONFIG. file has the same effect as using the -t option to the SSH command.)
├в ┬в Using the scp and sftp commands from an OpenVMS SSH client to a UNIX
server running OpenSSH is not fully supported because certain operations
cause the OpenVMS client to hang. The hang cannot be terminated by
entering Ctrl/C and Ctrl/Y.
├в ┬в File transfer is limited to OpenVMS files with the following record formats
(as displayed by the DIRECTORY/FULL command): STREAM_LF
Fixed-length 512-byte records
├в ┬в Not all variants of UNIX path names are supported when referring to files on
OpenVMS clients and servers.
├в ┬в Using the SCP and SFTP commands from a non-OpenVMS client may have
unpredictable results, depending on how the client formats the target file
name and whether the client is SSH2 compatible.
============================
And you can also find this filecopy restrictions with SFTP of TCPIP V5.4 from the link below.
http://h71000.www7.hp.com/doc/732FINAL/DOCUMENTATION/PDF/TCPIP054_RELNOTES.PDF
Archunan
Archie
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-20-2005 07:45 AM
тАО10-20-2005 07:45 AM
Re: Batch mode FTP over SSL?
Thank you for telling me about the cURL program.
I would interested to hear about other people's experiences with cURL on the VMS/Alpha platform.
- Duane
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-20-2005 07:59 AM
тАО10-20-2005 07:59 AM
Re: Batch mode FTP over SSL?
Thanks for including that excerpt from the TCP/IP release notes. I will check whether those restrictions are relevant in my configuration. I understood most of the restrictions, and I'll look in the SSH documentation to learn what ForcePTTYAllocation is.
One thing that the excerpt mentions is the file format. I get the sense from other things that I've read that a variety of products ported to VMS favor that file format, so I will also "read the friendly manual" for CONVERT /FDL.
- Duane
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-20-2005 08:03 AM
тАО10-20-2005 08:03 AM
Re: Batch mode FTP over SSL?
Does it sound fair to say that in the VMS environment, when people want to copy files securely over an insecure medium, it's more common for people to use SSH than to use SSL? I'm getting that impression from the things that I've read on-line, but I want to avoid misrepresenting things.
- Duane
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-20-2005 09:32 PM
тАО10-20-2005 09:32 PM
Re: Batch mode FTP over SSL?
In the days before ssh/sftp was available, I sometimes used another method maybe of interest to You: using the STUNNEL software, established an SSL encrypted port on both sides, then used standard FTP between these ports.
Knowing the restrictions of sftp, having the full capabilities of FTP maybe an advantage.
It needs setup on both systems/sides though.
Find stunnel on HPs VMS side (I think on open source tools page).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-21-2005 01:22 AM
тАО10-21-2005 01:22 AM
Re: Batch mode FTP over SSL?
Do you have the latest ECO 5 patch update? Check with
$ TCPIP SHOW VERSION
You can download this kit from this site under "suport from Compaq products" if needed.
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-21-2005 02:53 AM
тАО10-21-2005 02:53 AM
Re: Batch mode FTP over SSL?
ftp://ftp.itrc.hp.com/openvms_patches/layered_products/alpha/DEC-AXPVMS-TCPIP_ECO-V0504-155-4.txt
ftp://ftp.itrc.hp.com/openvms_patches/layered_products/alpha/DEC-AXPVMS-TCPIP_ECO-V0504-155-4.PCSI-DCX_AXPEXE
and stunnel
http://h71000.www7.hp.com/opensource/opensource.html#stunnel
Purely Personal Opinion
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-21-2005 07:03 AM
тАО10-21-2005 07:03 AM
Re: Batch mode FTP over SSL?
Thanks for discussing the reason that you favor scp / sftp in your environment. You mentioned that it's a Linux environment. I think that it might be a Windows system with which I need to communicate, and my impression is that these products are also available for Windows as well.
As for stunnel, I had read about that, in John Wisniewski's book, but I noticed in the release notes for stunnel that "Stunnel cannot be used to secure FTP with TCP/IP v5.3 ECO 2 or later versions". Since I'm running TCP/IP v5.4, I interpret that to mean that I can't use stunnel with the FTP client that comes with HP's TCP/IP and would instead need to find an SSL-enabled FTP client such as the cURL that you mentioned.
- Duane