home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Columbia Kermit
/
kermit.zip
/
newsgroups
/
misc.20021006-20030409
/
000260_fdc@columbia.edu_Mon Feb 3 11:42:22 EST 2003.msg
< prev
next >
Wrap
Text File
|
2020-01-01
|
3KB
|
67 lines
Article: 14053 of comp.protocols.kermit.misc
Path: newsmaster.cc.columbia.edu!news.columbia.edu!news-not-for-mail
From: fdc@columbia.edu (Frank da Cruz)
Newsgroups: comp.sys.hp.apps,comp.protocols.kermit.misc,comp.sys.hp.hpux
Subject: Re: Secure ftp using SSL.
Date: 3 Feb 2003 11:42:16 -0500
Organization: Columbia University
Lines: 47
Message-ID: <b1m658$r5c$1@watsol.cc.columbia.edu>
References: <b16col$mb0$1@news2.pharma.com> <SP_Z9.93$Qc2.64@news.cpqcorp.net> <e95b1b.tr8.ln@Lonmay.wew.co.uk> <_Dq_9.4148$Of4.1143268@twister.nyc.rr.com>
NNTP-Posting-Host: watsol.cc.columbia.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: newsmaster.cc.columbia.edu 1044290537 4161 128.59.39.139 (3 Feb 2003 16:42:17 GMT)
X-Complaints-To: postmaster@columbia.edu
NNTP-Posting-Date: 3 Feb 2003 16:42:17 GMT
Xref: newsmaster.cc.columbia.edu comp.sys.hp.apps:15020 comp.protocols.kermit.misc:14053 comp.sys.hp.hpux:154758
In article <_Dq_9.4148$Of4.1143268@twister.nyc.rr.com>,
Jeffrey Altman [Road Runner NYC] <jaltman2@nyc.rr.com> wrote:
: Colin M wrote:
: > ...
: > Given FTPs peculiarities SSL encapsulation has not been a big hit. I'd
: > recommend you make sure this is your only option as opposed to HTTPS /
: > SSL-nfs / SSL-SMB / scp
:
: As with everything else one needs to understand what you mean by a "bit
: hit". The only reason that TLS secured FTP is not considered a "bit
: hit" by the masses is because it is not implemented in your browser...
:
"big hit" :-)
Anyway, Jeff gave an excellent overview of the situation. Whenever secure
file transfer is needed in the general case -- downloads AND uploads, binary
AND text, etc -- secured FTP is a good choice because FTP is mature and
proven in decades of practice, and is intrinsically platform-neutral, thus
can be used with not only Windows and Linux, but also IBM mainframes, VMS,
Tandem, you name it. I hope I don't have to elaborate on why this is
A Good Thing.
FTP can be secured by (among other IETF standard and approved methods)
SSL/TLS. The Kermit FTP client supports this, but until now has not been
available in this configuration for HP-UX. Now, thanks to Tapani Tarvainen
of the University of Jyväskylä in Finland, it's available for
HP-UX 11.xx too:
http://www.columbia.edu/kermit/ckdaily.html
Again, this is source code only because we are not permitted by the US
government to put binaries for secure versions of Kermit on our public FTP
site. To obtain it for your site, download from the page cited above,
then follow the directions for building from the main C-Kermit page:
http://www.columbia.edu/kermit/ckermit.html#source
(except don't download the 8.0.206 version because you already downloaded
the newer one) and use "make hpux1100o+openssl" to compile and link.
The ANSI optimizing C compiler and OpenSSL libraries and headers are
required. For details see:
http://www.columbia.edu/kermit/security.html#x4.2
(especially Section 4.2.3).
- Frank