HPE Community
Operating System - HP-UX
1855259 Members
3345 Online
104109 Solutions
New Discussion

Re: LFTP on hpux11i

 
SOLVED
Go to solution
Mark Grossman
Regular Advisor

‎08-12-2004 06:10 AM

‎08-12-2004 06:10 AM

LFTP on hpux11i

Good morning,
(Sorry in advance for the long post)
I have a request to setup ftp to a bank (that shall remain nameless for now) that must use SSL encrytption. They will not let us use SSH and it needs to come from an HPUX11i server. All I need is a client - not an SSL server.

I have been thru the forums and google and it looked like LFTP is the client of choice. I spoke to the "written word.com" folks cause they have a pre-compiled HP depot. However, they told me it won't work with this bank because of licensing and compiler issues.

So, it looks like I am back to trying to compile it myself. We have never had much luck compiling open source on hpux. The only c++ I have on these servers is:
PHSS_26946 1.0 HP aC++ -AA runtime libraries (aCC A.03.37)

I have tried a quick 'configure' and it failed.
I am thinking I need a GNU GCC compiler and possibly an ANSI compiler to get this to work.

Has anyone run into this with a bank and come up with a different solution, or know of any other pre-compiled hpux binary that will do SSL encrypted FTP?

thanks,
Mark
0 Kudos
Reply
10 REPLIES 10
Alzhy
Honored Contributor

‎08-12-2004 06:19 AM

‎08-12-2004 06:19 AM

Re: LFTP on hpux11i

Have you tried WU-Ftp client? It is supposed to have SSL support already.

Check the HP Porting site.. or software.hp.com. Last time I looked, HP Supported versions of WU-FTP and OpenSSL were already available.
Hakuna Matata.
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎08-12-2004 06:22 AM

‎08-12-2004 06:22 AM

Re: LFTP on hpux11i

Here's another you may want to look at:

C-Kermit 8.0.211 for Unix and VMS
http://www.columbia.edu/kermit/ck80.html

Precompiled binaries for HP-UX (various versions):
http://www.columbia.edu/kermit/ck80binaries.html#hp


0 Kudos
Reply
Alzhy
Honored Contributor

‎08-12-2004 06:26 AM

‎08-12-2004 06:26 AM

Solution

Re: LFTP on hpux11i

HP's WU-FTP Implementation:

http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=WUFTPD26

HP's OpenSSL Implementation (addresses CERT Alerts):

http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=OPENSSL11I
Hakuna Matata.
Reply
Mark Grossman
Regular Advisor

‎08-13-2004 03:21 AM

‎08-13-2004 03:21 AM

Re: LFTP on hpux11i

gentelmen,
thanks for the info.
Does this mean I can create a cert for these ftp's using command line openssl, and not have to run a full openssl web server on my end ?
0 Kudos
Reply
Alzhy
Honored Contributor

‎08-13-2004 03:23 AM

‎08-13-2004 03:23 AM

Re: LFTP on hpux11i

I think so.... although I have not used it yet because we rely and have standardised on SSH...
Hakuna Matata.
0 Kudos
Reply
Mark Grossman
Regular Advisor

‎08-13-2004 03:26 AM

‎08-13-2004 03:26 AM

Re: LFTP on hpux11i

ok thx - guess I have some reading to do.
We want to script this ftp for automation - no manual intervention or use of web.
thanks again,
mark
0 Kudos
Reply
Milan Rahman
New Member

‎01-17-2005 11:28 AM

‎01-17-2005 11:28 AM

Re: LFTP on hpux11i

Mark,

I am attempting to do the same with a bank. Can you share what you ended up with to get the SSL FTP to work?

Thanks,
Milan
0 Kudos
Reply
Mark Grossman
Regular Advisor

‎01-18-2005 03:38 AM

‎01-18-2005 03:38 AM

Re: LFTP on hpux11i

Milan,
we ended up buying an SSL FTP client from Sterling - www.sterlingcommerce.com

This is a very simple ftp client that has SSL built in and is cheap and easy to install and use - plus the bank was familiar with it. Sterling has lots of products - go to Connect Enterprise and select the Secure FTP Client (command line client).

The bank provided us with the security certificate needed.

good luck,
mark
0 Kudos
Reply
Milan Rahman
New Member

‎01-18-2005 04:39 AM

‎01-18-2005 04:39 AM

Re: LFTP on hpux11i

Thanks Mark.

I downloaded the "Connect:Enterprise Secure FTP Client UNIX" and is in the process of installing it. Appreciate the response.

Milan
0 Kudos
Reply
James A. Donovan
Honored Contributor

‎02-01-2005 11:26 AM

‎02-01-2005 11:26 AM

Re: LFTP on hpux11i

Just an FYI. I was also looking for an HP-UX based command-line based SSL FTP client. In the past I had looked at C-Kermit, but had problems getting it to compile. I just downloaded the latests available source, tweaked the makefile a little bit and was able to get it working!

I'm posting the steps here in the event others are having similar problems.

I used gcc to compile openssl, zlib and c-kermit

1) Download C-Kermit source code from here: ftp://kermit.columbia.edu/kermit/archives/cku211.tar.gz

2) I had to make the following changes to the makefile to suit my environment (your changes may vary):

$ diff -u makefile.orig makefile
--- makefile.orig 2004-04-17 11:52:00.000000000 -0700
+++ makefile 2005-02-01 15:15:05.000000000 -0800
@@ -736,7 +736,7 @@
#
prefix = /usr/local
srproot = $(prefix)
-sslroot = $(prefix)
+sslroot = /home/jdonovan/src/openssl/openssl-0.9.7d
manroot = $(prefix)

K4LIB=-L/usr/kerberos/lib
@@ -745,8 +745,8 @@
K5INC=-I/usr/kerberos/include
SRPLIB=-L$(srproot)/lib
SRPINC=-I$(srproot)/include
-SSLLIB=-L$(sslroot)/ssl/lib
-SSLINC=-I$(sslroot)/ssl/include
+SSLLIB=-L$(sslroot)/lib
+SSLINC=-I$(sslroot)/include
#
# aix41+krb5+krb4: IBM AIX 4.1 with Kerberos IV and V
# aix43gcc+krb5+krb4: IBM AIX 4.3 built with gcc, ditto
@@ -5332,8 +5332,8 @@
KFLAGS="-DCK_AUTHENTICATION -DCK_SSL -DOPENSSL_097 -DZLIB \
$$SSLINC $(KFLAGS)" \
KLIBS="$(KLIBS) \
- $$SSLLIB -lssl -lcrypto \
- -L/opt/zlib/lib -lz \
+ $$SSLLIB -L/home/jdonovan/src/openssl/openssl-0.9.7d -lssl -lcrypto \
+ -L/home/jdonovan/src/zlib/zlib-1.1.4 -lz \
"

#HP-UX 10.00 or higher with OpenSSL 0.9.7. Compiled with gcc.

3) Ran: make hpux1100gcc+openssl
4) Renamed the "wermit" binary to "c-kermit"
5) Created a simple here document script (c-kermit_test.sh) to test downloading from an SSL-enabled FTP server.

$ cat c-kermit_test.sh
#!/bin/sh

# Some Kermit documentation...
# http://www.columbia.edu/kermit/ftpscripts.html
# http://www.columbia.edu/kermit/security81.html

FTPHOST=mysslftp.server.com
USER=someone
PASS=something

/home/jdonovan/c-kermit <set auth tls verbose off
set auth tls certs-ok
ftp open $FTPHOST /user:$USER /password:$PASS
get myfile.txt
bye
exit
EOF



Remember, wherever you go, there you are...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.