home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
kermit.columbia.edu
/
kermit.columbia.edu.tar
/
kermit.columbia.edu
/
newsgroups
/
misc.20021006-20030409
/
000134_fdc@columbia.edu_Tue Dec 3 16:33:28 EST 2002.msg
< prev
next >
Wrap
Text File
|
2003-04-08
|
3KB
|
67 lines
Article: 13915 of comp.protocols.kermit.misc
Path: newsmaster.cc.columbia.edu!news.columbia.edu!news-not-for-mail
From: fdc@columbia.edu (Frank da Cruz)
Newsgroups: comp.os.vms,comp.protocols.kermit.misc
Subject: VMS C-Kermit with SSL/TLS
Date: 3 Dec 2002 16:29:01 -0500
Organization: Columbia University
Lines: 51
Message-ID: <asj7mt$7co$1@watsol.cc.columbia.edu>
NNTP-Posting-Host: watsol.cc.columbia.edu
X-Trace: newsmaster.cc.columbia.edu 1038950942 14571 128.59.39.139 (3 Dec 2002 21:29:02 GMT)
X-Complaints-To: postmaster@columbia.edu
NNTP-Posting-Date: 3 Dec 2002 21:29:02 GMT
Xref: newsmaster.cc.columbia.edu comp.os.vms:358780 comp.protocols.kermit.misc:13915
Just after C-Kermit 8.0.206 was released, Jeff Altman (with help and advice
>from VMS programmers and HP/Compaq engineers) got SSL/TLS security working
in VMS C-Kermit, at least for terminal connections. This is the first form
of secure authentication and strong encryption available for VMS C-Kermit,
and since it's in Kermit (as opposed to the regular Telnet client), it also
allows secure file transfer over the terminal session as well as scripted
secure sessions. The SSL/TLS version of VMS C-Kermit is not released yet,
but it's available for download in source-code form here:
http://www.columbia.edu/kermit/ckdaily.html
Sorry, we can't put up binaries for download due to US export law.
To build, you'll need a VMS system with a C compiler and with either OpenSSL
or Compaq SSL installed, as well as a TCP/IP package such as UCX (I'm not
sure what will happen with other TCP packages like MultiNet and TCPware).
Then, with the C-Kermit file unpacked into your default directory, type:
@ckvker.com "" "" "CK_SSL"
and off you go. Of course you'll need an SSL-capable server to make
connections to, but you wouldn't be have read this far if you didn't have
one that you needed to get to. The details of C-Kermit security are given
here:
http://www.columbia.edu/kermit/security.html
(which will need to be edited to discuss VMS).
Without certificates, you'll be able to get encrypted, but not securely
authenticated, connections. The software still needs to be updated to
know where to look by default in VMS for X.509 certificates; in any case,
you can use Kermit's SET AUTH TLS or SET AUTH SSL commands to specify the
certificate files.
Interested parties are invited to build and try the code and comment on it.
As noted in other postings, it should now be relatively easy for an
experienced VMS C programmer to adapt Kermit's FTP module to VMS, which
is already SSL/TLS ready. Anyone interested in taking this on is welcome
to contact us at:
kermit-support@columbia.edu
Ditto for C-Kermit's HTTP client (actually, someone has this almost
completed already, with just a few stumbling blocks remaining).
Thanks.
- Frank