On Thursday, 12/13/2007 at 12:18 EST, Thomas Kern <[EMAIL PROTECTED]> wrote: > The SSLSERV service machine provides SSL wrapping to inbound > transactions on selected ports. I have used it for TN3270, FTP and POP > and HTTP. It does not support outbound transactions.
This is incorrect. As of z/VM 5.3 the CMS ftp client, telnet client, the ldap client utilities, and the SMTP server (which is also an SMTP client) are SSL-enabled. This is in addition to the updates to the telnet and ftp servers to support negotiated (aka "explicit") SSL, as is required to do secure SMTP, in addition to their existing support for "static" or "implicit" SSL. > I doubt there is any OpenSSL code in the IBM provided code. There is no OpenSSL code in z/VM. > Others have said that porting > OpenSSH to z/VM would be very difficult because of the functions used to > 'fork' into threads or daughter tasks (this is where my knowledge of > c/unix programming stops). That does not mean that programs could not be > written to perform outbound commandline tasks like "ssh [EMAIL PROTECTED] -C > 'remote command'" or "scp my.file host:/dir/subdir/your.file". The ssh and scp client-side commands have generated more interest than an ssh server. With an ssh client you do all sorts of automated management things, including allocating storage in the disk controllers! Thinking about implementing a server, OTOH, gives me a migraine and heart palpitations. Among other things, it introduces a significant challenge because of the expectation (reasonable or not) that it would allow fullscreen interaction. And I'm not convinced the benefit would be worth the expense. Alan Altmark z/VM Development IBM Endicott
