home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Columbia Kermit
/
kermit.zip
/
newsgroups
/
misc.20021006-20030409
/
000100_jhaines@benplan.com_Mon Nov 18 12:32:28 EST 2002.msg
< prev
next >
Wrap
Text File
|
2020-01-01
|
3KB
|
79 lines
Article: 13866 of comp.protocols.kermit.misc
Path: newsmaster.cc.columbia.edu!panix!bloom-beacon.mit.edu!newsfeed.stanford.edu!postnews1.google.com!not-for-mail
From: jhaines@benplan.com (John Haines)
Newsgroups: comp.protocols.kermit.misc
Subject: Re: Kermit-FTP and SSL
Date: 18 Nov 2002 08:59:26 -0800
Organization: http://groups.google.com/
Lines: 60
Message-ID: <684be77d.0211180859.13f8daff@posting.google.com>
References: <684be77d.0211151031.2ed9f7b5@posting.google.com> <ar3lte$l1p$1@newsmaster.cc.columbia.edu>
NNTP-Posting-Host: 216.136.79.238
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Trace: posting.google.com 1037638767 25649 127.0.0.1 (18 Nov 2002 16:59:27 GMT)
X-Complaints-To: groups-abuse@google.com
NNTP-Posting-Date: 18 Nov 2002 16:59:27 GMT
Xref: newsmaster.cc.columbia.edu comp.protocols.kermit.misc:13866
Thanks! The SET AUTH TLS RSA-CERT-FILE and SET AUTH TLS RSA-KEY-FILE
worked.
I have been reading the http://www.kermit-project.org/security.html to
learn how to get all this working, but there are lots of options.
Just needed a little nudge to get going in the right direction!
Thanks again.
A few more questions. I want to automated the entire connection and
transfer process. However, with SSL enabled connections, you are
asked for your private passphrase when making a connection. To
eliminate the prompting for the phassphrase I unencrypted the private
key and placed it in a secure place. I used the following command to
create the unencrypted private key file.
openssl dsa -in encrypted-key-file -out unencrypted-key-file
Is this the correct way to accomplish this? Now, I have only one more
prompt to eliminate. We are generating our own certificate for our
FTP Server. How do I eliminate this warning?
Warning: Server has a self-signed certificate
[0] subject=/C=US/ST=Texas/O=The Company/L=San
Antonio/OU=MIS/Email=haines
@xxxxxxxx.com/CN=U216JYFZB040.xxxxxxxx.com[0]
issuer=/C=US/ST=Texas/O=The Company
/L=San Antonio/OU=MIS/Email=haines@xxxxxxxx.com/CN=U216JYFZB040.xxxxxxxx.com
Continue? (Y/N) y
This is probably more of an openssl question, but any insight may be
of assistance.
Thanks again for the help.
jaltman@watsun.cc.columbia.edu (Jeffrey Altman) wrote in message news:<ar3lte$l1p$1@newsmaster.cc.columbia.edu>...
> In article <684be77d.0211151031.2ed9f7b5@posting.google.com>,
> John Haines <jhaines@benplan.com> wrote:
> : I saw a question on comp.protocols.kermit.misc in May about C-Kermit
> : on AIX 4.3.3 using SSL with WS_FTP Server. I'm trying to perform the
> : same thing and thought I would ask for some assistance. My goal is to
> : have my AIX box be an FTP client to an NT WS_FTP Server using SSL with
> : certificates. How do I setup Kermit (and OpenSSL) to send the signed
> : certificate from my AIX client?
>
> Read http://www.kermit-project.org/security.html to learn how to
> configure Kermit to use certificates.
>
>
> Then your script below will be fine but do not specify both SSL and TLS
> as AUTH types. You only need to try to negotiate once.
>
> Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
> The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
> http://www.kermit-project.org/ Secured with MIT Kerberos, SRP, and
> kermit-support@columbia.edu OpenSSL.