[Info-vax] Problem with Filezilla connecting to OpenVMS
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Fri Dec 7 11:14:02 EST 2018
On 2018-12-07 11:05:14 +0000, Colin Butcher said:
> Filezilla 3.16.1 is the final version that works with older VMS
> versions (including HP's V8.4 / TCPIP V5.7-ECO05) in my lab.
>
> You should be able to download it from one of the many file servers out there.
If this down-revision FileZilla is the path that you (the OP) chooses,
or using the ssh and sftp connection downgrade I'd mentioned
earlier—and not an HPE SSH patch or newer VSI sshd, or some other
remediation to bring OpenVMS forward to more recent connection
security—then definitely flag this decision and the tradeoffs with the
security folks or with management. This so that you (OP) don't solely
end up owning any breaches that might arise.
Another option here which hasn't been mentioned is to VPN into a
firewall located in front of the OpenVMS server. Yes, a firewall on an
internal network; isolating the OpenVMS server from even local traffic.
This approach also reduces the exposure of the OpenVMS system itself,
too.
And I'll just leave this OpenSSH discussion here:
https://www.welivesecurity.com/wp-content/uploads/2018/12/ESET-The_Dark_Side_of_the_ForSSHe.pdf
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list