3000 NewsWire: Getting OpenSSL, SFTP Working on 3000s

October 25, 2010

Getting OpenSSL, SFTP Working on 3000s

HP 3000s can use OpenSSL, cryptographic protocols that provide security for communications over networks such as the Internet. SSL can encrypt segments of network connections at the Application Layer to ensure secure end-to-end transit at the Transport Layer. It's an open source standard tool, but deploying it on an HP 3000 can be less than transparent.

Consider the following question from Adrian Hudson in the UK.

Does anyone know anything about putting OpenSSL on a HP 3000? I've seen various websites referring to people who have succesfully ported the software, but with the HP 3000s being used less and less, I'm finding lots of broken links and missing pages. My ultimate intention is to try and get Secure FTP (SFTP) running from Posix on the HP 3000.

Several up-to-date support providers can help Hudson and others who want this security tool running on a 3000. Mark Ranft of Pro3K (612.804.2774) said, "I would be happy to assist. I recently did this for another client. I have all the pieces and instructions to do this." Beechglen's founder Mike Hornsby also has software and experience at hand. "Beechglen has OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17, SFTP and SSHD versions for MPE/iX," he said.

HP placed the OpenSSL pieces in its WebWise MPE/iX software, according to former HP Internet & Connectivity engineer Mark Bixby (now developing at K-12 app company QSS). "When I left [HP's 3000 division], a fully functional OpenSSL was part of the Apache bundle. The last Apache/WebWise patch that I built contained all of the necessary source code and build scripts, and more."

However, Secure FTP is not provided in the WebWise bundle. A longtime friend of the 3000 community, still working in support, provided a white paper on how to set up SFTP for the HP 3000. The paper was written just two years ago.

Cathlene McRae, still working at HP in 3000 support, confirmed Bixby's report on SSL. "WebWise is the product you are looking for. This has OpenSSL." She shared a PowerPoint document of 85 slides written by Bixby in 2002, one of the last years that WebWise was updated for the HP 3000. (You can download these slides, a PDF file, from our site.) A few minutes later, she pointed us to the SFTP paper.

Finally, Keven Miller of 3K Ranger detailed his notes from installing OpenSSL on a 3000, aided by Craig Lalley of EchoTech. I'd be happy to talk with whomever has interest. I would like to do the "port" again with notes so others can reproduce; and place on my website or my Invent3k2 website, invent3k2.org/~GUEST.MILLER

I'm looking on my HP 918 (mpe 6.0 pp2)

Openssl 9.6a
OpenSSL> version
OpenSSL 0.9.6a 5 Apr 2001
OpenSSL>

I believe AFTP did build and run. That would be from OpenSSH. As I recall, the process is

1. install zlib
2. install openssl
3. install openssh

/OPENSSH/V00371P2/openssh-3.7.1p2#sftp
usage: sftp [-vC1] [-b batchfile] [-o ssh_option] [-s subsystem | sftp_server]
[-B buffer_size] [-F ssh_config] [-P sftp_server path]
[-R num_requests] [-S program]
[user@]host[:file [file]]
/OPENSSH/V00371P2/openssh-3.7.1p2#sftp hpux-1
Connecting to hpux-1...
Couldn't connect to PRNGD socket "/tmp/egd-pool": Can't assign requested address
Entropy collection failed
ssh-rand-helper child produced insufficient data
Connection closed

As I recall, I need to stream a job for this EGDPOOL. I hope to get back to this and other porting things.
But work gets in the way.