On 2012-08-07 12:37:13 +0000, Dirk Munk said:
> gopalakrishnan wrote:
>> Hi Ken
>>
>> I submitted a reply to Hoff's message and repeated when I did not find
>> my reply here. And still it is not here (I did not get the usual
>> response "message will be reviewd and posted" in those two instances).
>> Hope this gets loaded.
You're apparently not using usenet, you're probably using one of those
sites that re-hosts usenet content.
Try accessing this usenet newsgroup directly.
You can get a free usenet news account at
eternal-september.org, and
news readers are available for all platforms.
>>
>> The server truly is FTP over SSL service (the very first line in the
>> SP's documentation). They use "SFTP" to describe the service as being
>> "secure". The service uses port 22 which is not FTP/SSL standard port
>> but SFTP's. Even the server is named "
sftp.xxxx.co.nz"
>>
>> Moreover I can connect to the sevice, view folders and download files
>> using a Windows FilZilla client connecting to "FTPES://
sftp.xxx.co.nz",
>> port 22 (and user-id / password)
>>
>> I have tried SFTP and it does not work
"Does not work"? Please explain that. And please see
<
http://www.mikeash.com/getting_answers.html> for some background on
this topic.
>>
>> My infrastructure team is now investigating if this has anything to do
>> with our firewall/isa configuration
That would be typical, but that also implies that the FileZilla test
wasn't the same network path as the OpenVMS test.
>>
>> Regards -tk
>>
>>
>> --
http://compgroups.net/comp.os.vms/ftp-ssl-from-openvms-client-to-unix-filezilla-ser/1519815
>>
If that's the service you're using to access the comp.os.vms newsgroup,
please use usenet news directly.
ftp is a pile of steaming stench, with a side-helping of skunk-stink.
ftp over ssl (aka ftps) is, well, a bandaid atop a steaming pile of
stench. ftp/ftps on the wrong ports is worse; emphasis on ports. The
steaming pile of stench that is ftp/ftps is inherently incompatible
with modern networks, and with firewalls. In particular, ftp/ftps
opens a second port up in the empheral range, which then usually gets
blocked by an intervening firewall, or means expensive
protocol-sniffing firewalls. (And protocl sniffing is tougher with
ftps, for obvious reasons.)
The vastly better protocol here is sftp, which shares three or four
letters with those other protocols and a basic purpose, but is
otherwise quite different. sftp is expressly designed to operate
(securely) in modern networks. Unlike the steaming pile of ftp/ftps
stench.
Put another way, move to sftp where you can.
If you can't use sftp, then you could shovel the bits over to the
Windows PC box and use FileZilla to transfer the files. (I'm here
presuming that your FileZilla test is using the same network path as
the OpenVMS system that you're testing with. If it's not, then
firewalls are back in play, and we can once again enjoy the wafting
stench of ftp and ftps.)
Various versions of cURL can be used to access ftps servers, too, and
there's a cURL port for OpenVMS. (Whether that port does ssl and thus
ftps, I don't know.) And there are probably some Java ftps clients
around.
Or use a VPN, which would reduce the exposure of ftp and ftps to the
vagaries of the intervening network firewalls.
Now the other wildcard here might be the use of "secure ftp", which is
tunneling ftp (gag) through ssh. That would normally use port 22,
because it's using ssh. Though the use of ftpes via Filezilla would
tend to belie that use, though.
In general, if there's a support contract in place with HP, call the HP
support center and have them sort this out. There have been some bugs
in recent versions of the TCP/IP Services for OpenVMS package, and this
might be another one.
And yes, you could reasonably infer I'm not fond of ftp.