MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » April 2014

RE: Encryption methods on the i



fixed

It appears the latest version available is 0.9.8m per the PTF listing
located at http://www-01.ibm.com/support/docview.wss?uid=nas8N1012172 so
we should all be fine.

Not sure what you have or need to show a manager?

1. call qp2term
2. cd /QOpenSys/QIBM/UserData/SC1/OpenSSL
3. ls

On my system I see:
openssl-0.9.7d openssl-0.9.8j


Are we having fun yet???

Amy Hoerle
System Administrator
Think Mutual Bank
5200 Members Pkwy NW, Box 5949
Rochester, MN 55901

507-536-5815 or
800-288-3425 Ext 5815
ahoerle@xxxxxxxxxxxxx



From: "Jim Oberholtzer" <midrangel@xxxxxxxxxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 04/10/2014 08:51 AM
Subject: RE: Encryption methods on the i
Sent by: midrange-l-bounces@xxxxxxxxxxxx



The version of OpenSSL on the V7R1 and very recent PTFs that I have is 9.8
so that is before the problem.

--
Jim Oberholtzer
Chief Technical Architect
Agile Technology Architects


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Raul A. Jager W.
Sent: Thursday, April 10, 2014 8:50 AM
To: Midrange Systems Technical Discussion
Subject: Re: Encryption methods on the i

Does the apache in the i have the vulnerability?

Bradley Stone wrote:

Is there a reason that you can't just use SSL or TLS for the
transmission (either over FTP or HTTP)?

Of course, making sure your OpenSSL is patched first. :)

Why add a layer of complexity on both ends when you can have the system
do it for you?

Brad
www.bvstools.com


On Wed, Apr 9, 2014 at 11:15 AM, Charles Wilt
<charles.wilt@xxxxxxxxx>wrote:



The API's David pointed out are what you want.

Realize that you'll need to open the file in binary mode and the the
decrypted results will be in ASCII.

Charles


On Wed, Apr 9, 2014 at 12:07 PM, Jeff Young <jyoung0950@xxxxxxxxx>
wrote:



Based on the information I have at this time, they want to just
encrypt


the


data on their system (non ibm i) before transmission to prevent
unauthorized access.
They are sending ascii csv data, so the records and fields with them
are varying length.

Jeff Young
Sr. Programmer Analyst


On Wed, Apr 9, 2014 at 10:55 AM, <rob@xxxxxxxxx> wrote:



Encrypting the actual data, or the communication?
For example, I could use sftp to transfer files encrypted between
two systems. That would encrypt the communications but not the
actual data itself. You could put a sniffer on that comm but you
would not be able


to


make any sense out of that.
Many people use free sftp between disparate entities.

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: Jeff Young <jyoung0950@xxxxxxxxx>
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx


Date: 04/09/2014 10:42 AM
Subject: Encryption methods on the i
Sent by: midrange-l-bounces@xxxxxxxxxxxx



All,
I have a client that is presently sending files from another system


(not


i)
to the IFS in CSV format..
They are planning to encrypt the data prior to transmission and my


program


will need to decrypt it before processing.

What encryption / decryption methods are available on the i to do
this?
At this time, the client has not chosen an encryption method and
they


want


to ensure that the decryption process is available for the i.

At this time, they are not looking for a commercial solution, and I


would


prefer a solution that could be used an ILE RPG program, or a system
command.

TIA,

Jeff Young
Sr. Programmer Analyst
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To
subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please
take a moment to review the archives at
http://archive.midrange.com/midrange-l.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing


list


To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please
take a moment to review the archives at
http://archive.midrange.com/midrange-l.




--
This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing


list


To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take
a moment to review the archives at
http://archive.midrange.com/midrange-l.




--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take
a moment to review the archives at
http://archive.midrange.com/midrange-l.





--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe,
or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/midrange-l.







Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact