On Sat, 31 Jan 2009 15:28:51 -0500, John MacLerran <[log in to unmask]> 
wrote:

>Dear hp3000-l
>
>A while back, there were postings about using sftp and scp on MPE. I can't 
>remember what the final verdict was, except that I remember someone 
posting 
>that MPE can be an scp client, and that the code was available on jazz. Now 
>that jazz is gone, is it still possible to get the code? How?
>
<< snip >>

John,

Let me appologize up front - this is going to be a fairly long reply.  That would 
be so that I can give you (and any one else interested in this) a fair 
understanding of what's available - as well as some of the challenges in getting 
this software, now that Jazz and Invent3k are officially 'offline'.

For those that are 'bottom-line' oriented, the answer is yes - scp (and sftp) 
clients are available for MPE/iX, and work fine on v7.5.  You can contact me 
off-list if you'd like to discuss how to get a copy of your own.

I've had extensive experience with the sftp client, and some with the scp 
client.  Both work remarkably well, although there are some 'quirks' it helps to 
be aware of.  I'd be happy to discuss those 'off-list' too, if you wish.

Your understanding about how this can work is correct.  The limitation here is 
that while files can be put to or retrived from other systems - since only the 
client is available, the 3000 must originate the transaction.  This can make for 
some process redesigns if your existing applications are used to your 3000 
being the 'server'.  And no, jinetd doesn't need to be running for scp or sftp to 
work.

There is a port (although technically not 'complete') of what is by now a fairly 
old but still workable version of OpenSSH to MPE/iX.  It was done by Ken Hirsh, 
which he had gratiously made available to the 3000 community via his 
'Invent3k' account.  Unfortunately, the 'Invent3k' community development 
server that HP had made available some years ago is, like Jazz, no longer 
online.

I don't recall what version of MPE was used, but I've used the ported software 
successfully on 7.0 and 7.5.  I suspect it'll work on 6.0 or later, but as yet 
haven't tested it myself.  

His port included the 'ssh' command line client, but it had very limited 
functionality due to technical issues too detailed to go into here. 

It also included the client components sftp & scp, as well as a 'entropy' 
(random number) generator written in Perl.  This last piece is necessary 
because the 'random' number functions under MPE/iX aren't very random.  At 
least, not as far as serious cryptography is concerned.  This Perl script 
(modified by Ken to run on MPE) was originally written by others to get round 
not having a kernel based entropy source for *their* systems either.  Poor 
quality random number generation is not just a MPE/iX issue.

The 'server' components (sshd, sftpd, & scpd) were never ported for reasons 
that Ken could possibly explain.  It might have been something as simple as 'he 
didn't need them'.   From my perspective - I'm thankful that Ken did the port in 
the first place, and learned long ago 'not to look a gift horse in the mouth'.

I have installed his OpenSSH port many times, and even tightly integrated it 
with legacy applications.  sftp is still in use many times a day with those 
applications, and since first installed several years go - has safely and securely 
transferred terabytes of data, with no clear end-date for this application's life.

I did a presentation on this at the 2008 GHRUG conference.  A copy of that 
paper is still available on my company's website, if you're at all interested. Look 
at the bottom of the 'Links & Other Resources' page.

I'm currently in the process of adding even more use of sftp and/or scp to 
replace standard ftp in this client's applications, at the insistence of their PCI 
auditors - and so will have more stories to share soon.

The problem for someone coming into this now is:  Where can I get a copy of 
this stuff? (given that Jazz and Invent3k aren't online anymore).  The story, as 
I hear it from industry sources - is that HP's not just granting 'free access and 
use to all' for at least some of the software that was hosted on Jazz.  It's a 
licencing thing, apparently - and as they footed the bill for the porting and 
packaging of at least some of the software previously hosted there - in my 
opinion, that is within their rights.  There are, however - LOTS of software 
that used to be hosted on Jazz that HP had no hand in creating, and therefore 
has no say over it's disposition.  Also - there is no open source software 
previously hosted on Jazz that couldn't be acquired elsewhere (usually the 
'home' for the respective package or port author) and/or replaced by re-
engineering anr/or re-porting it.

Fortunately, much of the software required for creating an installable version of 
OpenSSH is either already on your system - or available from non-HP sources.

I'll be announcing soon what is functionally a replacement repository for much 
of the content previously hosted on Jazz.  I hadn't planned on saying anything 
quite yet, but the closing of Jazz and Invent3k has forced my hand in this 
regard.

Until then, anyone interested can contact me off-list, and I'll see what I can 
do to help.

Brian Edminster, Sr Consultant
www.appliedtechnologies.net
"Providing Robust Solutions and Integration
  - for Today and Tomorrow"

Coming soon: www.mpe-opensource.org  <-- Be sure visit and sign-up for 
launch announcement

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *