subject:"Re\: Secure FTP On z\/VM 5.3"

Re: Secure FTP On z/VM 5.3

2007-08-08 Thread Miguel Delapaz


Mike,

Secure FTP was possible prior to z/VM 5.3.  You had to specify SECURE on
the PORT statement for the FTP server and the client had to initiate a
secure connection to the port.

In z/VM 5.3 we've added the ability for the client and server to negotiate
security options based on RFC 4217 (Securing FTP with TLS).  Configuration
of the FTP server to support TLS is discussed in TCP/IP Planning and
Customization, Chapter 8. Configuring the FTP Server (specifically Step 6:
Configure Secure FTP Connections).

Regards,
Miguel Delapaz
z/VM TCP/IP Development


The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 08/08/2007
06:35:34 AM:

 Hi Folks,

 I thought that with the introduction of SSL on z/VM 5.3 we'd be able
 to do secure FTP in/out of VM.  I'm in the process of installing and
 configuring z/VM 5.3 second level right now (and getting the
 required Linux guest set up for SSL support) - but I don't see
 anything which suggests secure FTP is supported.

 Is secure FTP possible with z/VM 5.3's TCPIP (inbound, outbound, or
 both)?  If it is, can someone point me to the doc discussing this
 (I've read all of the z/VM 5.3 TCPIP manuals and the Program
 Directory, and I just don't see this ...)?

 -TIA

 -Mike

Re: Secure FTP On z/VM 5.3

2007-08-08 Thread Michael Coffin

Thanks Miguel.  This will provide the ability to do S-FTP INBOUND to
z/VM's FTPSERVE from the looks of it, but will CMS users be able to
S-FTP OUTBOUND to other S-FTP servers (local z/VM FTPSERVE or on remote
systems)?
 
-Mike

-Original Message-
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On
Behalf Of Miguel Delapaz
Sent: Wednesday, August 08, 2007 9:55 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Secure FTP On z/VM 5.3



Mike,

Secure FTP was possible prior to z/VM 5.3. You had to specify SECURE on
the PORT statement for the FTP server and the client had to initiate a
secure connection to the port.

In z/VM 5.3 we've added the ability for the client and server to
negotiate security options based on RFC 4217 (Securing FTP with TLS).
Configuration of the FTP server to support TLS is discussed in TCP/IP
Planning and Customization, Chapter 8. Configuring the FTP Server
(specifically Step 6: Configure Secure FTP Connections).

Regards,
Miguel Delapaz
z/VM TCP/IP Development 


The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on
08/08/2007 06:35:34 AM:

 Hi Folks,
  
 I thought that with the introduction of SSL on z/VM 5.3 we'd be able
 to do secure FTP in/out of VM.  I'm in the process of installing and
 configuring z/VM 5.3 second level right now (and getting the 
 required Linux guest set up for SSL support) - but I don't see 
 anything which suggests secure FTP is supported.
  
 Is secure FTP possible with z/VM 5.3's TCPIP (inbound, outbound, or 
 both)?  If it is, can someone point me to the doc discussing this 
 (I've read all of the z/VM 5.3 TCPIP manuals and the Program 
 Directory, and I just don't see this ...)?
  
 -TIA
  
 -Mike

Re: Secure FTP On z/VM 5.3

2007-08-08 Thread Huegel, Thomas

Just a crazy question, by 'local z/VM FTPSERV' are you refering to another
z/VM on the same mainframe? If so why would you ever want to do that? I may
have to do this too, but never considered the local senerio.

-Original Message-
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED]
Behalf Of Michael Coffin
Sent: Wednesday, August 08, 2007 9:04 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Secure FTP On z/VM 5.3

Thanks Miguel.  This will provide the ability to do S-FTP INBOUND to z/VM's
FTPSERVE from the looks of it, but will CMS users be able to S-FTP OUTBOUND
to other S-FTP servers (local z/VM FTPSERVE or on remote systems)?

-Mike

-Original Message-
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On
Behalf Of Miguel Delapaz
Sent: Wednesday, August 08, 2007 9:55 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Secure FTP On z/VM 5.3

Mike,

Secure FTP was possible prior to z/VM 5.3. You had to specify SECURE on the
PORT statement for the FTP server and the client had to initiate a secure
connection to the port.

In z/VM 5.3 we've added the ability for the client and server to negotiate
security options based on RFC 4217 (Securing FTP with TLS). Configuration of
the FTP server to support TLS is discussed in TCP/IP Planning and
Customization, Chapter 8. Configuring the FTP Server (specifically Step 6:
Configure Secure FTP Connections).

Regards,
Miguel Delapaz
z/VM TCP/IP Development 

The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 08/08/2007
06:35:34 AM:

 Hi Folks,

 I thought that with the introduction of SSL on z/VM 5.3 we'd be able
 to do secure FTP in/out of VM.  I'm in the process of installing and
 configuring z/VM 5.3 second level right now (and getting the 
 required Linux guest set up for SSL support) - but I don't see 
 anything which suggests secure FTP is supported.

 Is secure FTP possible with z/VM 5.3's TCPIP (inbound, outbound, or 
 both)?  If it is, can someone point me to the doc discussing this 
 (I've read all of the z/VM 5.3 TCPIP manuals and the Program 
 Directory, and I just don't see this ...)?

 -TIA

 -Mike

  _  

 ella for Spam Control  has removed 12499 VSE-List messages and set
aside 11373 VM-List for me
You can use it too - and it's FREE!   www.ellaforspam.com
http://www.ellaforspam.com

Re: Secure FTP On z/VM 5.3

2007-08-08 Thread Miguel Delapaz

The CMS FTP client was also updated to support TLS.  Configuration and
usage is discussed in the TCP/IP User's Guide, Chapter 2. Transferring
Files Using FTP under the heading Transferring Files Using Secure FTP

Regards,
Miguel Delapaz
z/VM TCP/IP Development


The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 08/08/2007
07:03:54 AM:

 Thanks Miguel.  This will provide the ability to do S-FTP INBOUND to
 z/VM's FTPSERVE from the looks of it, but will CMS users be able to
 S-FTP OUTBOUND to other S-FTP servers (local z/VM FTPSERVE or on
 remote systems)?

 -Mike

Re: Secure FTP On z/VM 5.3

2007-08-08 Thread Michael Coffin

We have a mandate that no insecure FTP servers be run.  I know we
could restrict access to the insecure FTP server to just CMS users - but
I also have to certify annually that all FTP servers are S-FTP (and
getting exceptions to mandates with this organization is very hard to
do).  :)
 
FWIW, I'm more concerned with CMS users being able to S-FTP outbound to
remote servers (be they z/VM, Linux, Winblows or anything else for that
matter).
 
-Mike

-Original Message-
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On
Behalf Of Huegel, Thomas
Sent: Wednesday, August 08, 2007 10:10 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Secure FTP On z/VM 5.3


Just a crazy question, by 'local z/VM FTPSERV' are you refering to
another z/VM on the same mainframe? If so why would you ever want to do
that? I may have to do this too, but never considered the local senerio.
 

-Original Message-
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED]
Behalf Of Michael Coffin
Sent: Wednesday, August 08, 2007 9:04 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Secure FTP On z/VM 5.3


Thanks Miguel.  This will provide the ability to do S-FTP INBOUND to
z/VM's FTPSERVE from the looks of it, but will CMS users be able to
S-FTP OUTBOUND to other S-FTP servers (local z/VM FTPSERVE or on remote
systems)?
 
-Mike

-Original Message-
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On
Behalf Of Miguel Delapaz
Sent: Wednesday, August 08, 2007 9:55 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Secure FTP On z/VM 5.3



Mike,

Secure FTP was possible prior to z/VM 5.3. You had to specify SECURE on
the PORT statement for the FTP server and the client had to initiate a
secure connection to the port.

In z/VM 5.3 we've added the ability for the client and server to
negotiate security options based on RFC 4217 (Securing FTP with TLS).
Configuration of the FTP server to support TLS is discussed in TCP/IP
Planning and Customization, Chapter 8. Configuring the FTP Server
(specifically Step 6: Configure Secure FTP Connections).

Regards,
Miguel Delapaz
z/VM TCP/IP Development 


The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on
08/08/2007 06:35:34 AM:

 Hi Folks,
  
 I thought that with the introduction of SSL on z/VM 5.3 we'd be able
 to do secure FTP in/out of VM.  I'm in the process of installing and
 configuring z/VM 5.3 second level right now (and getting the 
 required Linux guest set up for SSL support) - but I don't see 
 anything which suggests secure FTP is supported.
  
 Is secure FTP possible with z/VM 5.3's TCPIP (inbound, outbound, or 
 both)?  If it is, can someone point me to the doc discussing this 
 (I've read all of the z/VM 5.3 TCPIP manuals and the Program 
 Directory, and I just don't see this ...)?
  
 -TIA
  
 -Mike


  _  

 ella for Spam Control  has removed 12499 VSE-List messages and set
aside 11373 VM-List for me
You can use it too - and it's FREE!  www.ellaforspam.com

Re: Secure FTP On z/VM 5.3

2007-08-08 Thread Michael Coffin

Thanks Miguel!  Looks like it should work.  :)

-Mike

-Original Message-
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On
Behalf Of Miguel Delapaz
Sent: Wednesday, August 08, 2007 10:17 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Secure FTP On z/VM 5.3

The CMS FTP client was also updated to support TLS. Configuration and
usage is discussed in the TCP/IP User's Guide, Chapter 2. Transferring
Files Using FTP under the heading Transferring Files Using Secure FTP

Regards,
Miguel Delapaz
z/VM TCP/IP Development 

The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on
08/08/2007 07:03:54 AM:

 Thanks Miguel.  This will provide the ability to do S-FTP INBOUND to
 z/VM's FTPSERVE from the looks of it, but will CMS users be able to 
 S-FTP OUTBOUND to other S-FTP servers (local z/VM FTPSERVE or on 
 remote systems)?

 -Mike

Re: Secure FTP On z/VM 5.3

2007-08-08 Thread David Boyes

 Secure FTP was possible prior to z/VM 5.3. You had to specify SECURE
on the PORT statement  for the FTP server and the client had to
initiate a secure connection to the port.

The client also had to understand implicit SSL, which few clients do. 

 In z/VM 5.3 we've added the ability for the client and server to
negotiate security
 options based on RFC 4217 (Securing FTP with TLS). Configuration of
the FTP server to
 support TLS is discussed in TCP/IP Planning and Customization, Chapter
8. Configuring
 the FTP Server (specifically Step 6: Configure Secure FTP
Connections).

And this works just fine with a lot more clients on the server side. I
don't see any changes to the CMS client, though.

Re: Secure FTP On z/VM 5.3

2007-08-08 Thread David Boyes

 The CMS FTP client was also updated to support TLS. Configuration and
usage is 
? discussed in the TCP/IP User's Guide, Chapter 2. Transferring Files
Using FTP 
 under the heading Transferring Files Using Secure FTP

And there it is. Should have known Miguel wouldn't miss something that
simple. 

Nice job, Miguel. Burns CPU like crazy compared to the old client, but
that's expected. 

-- db

Re: Secure FTP On z/VM 5.3

Re: Secure FTP On z/VM 5.3

Re: Secure FTP On z/VM 5.3

Re: Secure FTP On z/VM 5.3

Re: Secure FTP On z/VM 5.3

Re: Secure FTP On z/VM 5.3

Re: Secure FTP On z/VM 5.3

Re: Secure FTP On z/VM 5.3

8 matches

Site Navigation

Mail list logo

Footer information