02-25-2011 07:48 AM
Any solutions on how to automate that would be greatly appreciated!
My goal is to encrypt a text file on OpenVMS, FTP it to a Windows file system and then view it there later.
On my OpenVMS systems, I only have Zip for encryption. I am aware of GnuPG and I thought it was available for OpenVMS, correct?
I currently have to do this on OpenVMS v7.3-2 but would also need to support v8.3-x soon.
Solved! Go to Solution.
02-25-2011 08:29 AM
Did you try this "trick": "zip -h"? It leads
to this "trick": "zip -h2", which leads to
yet another "trick":
-e use standard (weak) PKZip 2.0 encryption, prompt for password
-P pswd use standard encryption, password is pswd
Putting a password into a script/procedure
was considered so bad an idea that "-P"
wasn't documented in earlier Zip versions
(other than in the source code). We got
tired of answering the question, however, so
now "-P" is described in the (extended,
"show more") help. We're still waiting for
the question to stop appearing, of course.
> I am aware of GnuPG and I thought it was
> available for OpenVMS, correct?
Is Google broken?
> [...] OpenVMS v7.3-2 but would also need to
> support v8.3-x soon.
Zip should be good back to VMS V5.4 (at
least). GnuPG probably would have trouble
before V7.0. I haven't tested it on anything
before V7.3. (To the extent that I've tested
it at all. But what could go wrong?)
02-25-2011 09:37 AM
I had already picked up GnuPG from your web site and just built it on a test box I have before I got your answer concerning Zip. I will try to stick with Zip since it works seamlessly in WinXP, so far.
I find that the zip "-P" command works to encrypt in a batch job.
02-25-2011 10:45 AM - last edited on 08-04-2011 11:28 AM by Kevin_Paul
If you get so far as to worry about how to
get a passphrase into GnuPG
non-interactively, then you might look at:
02-25-2011 10:55 AM
Here is an example of encrypting and decrypting a text file, and then a BACKUP saveset:
Here are some general considerations with encryption:
If you're embedding keys into DCL procedures, you really don't really have encryption; that key is rather exposed. You will have the effort and the overhead of encryption, but with rather less of the security. (The V8.3 tools can help here, as you can easily load and remove the keys.)
I might well look to use SSL or sftp here, too, given this proposed configuration really don't have end-point security. Viewing the file resident on OpenVMS from the remote client can also be easily feasible via https, for instance. Probably also via WebDAV via https, too, given OpenVMS Apache did appear to have that capability, and given that Windows and Mac OS X can access WebDAV with rather less hassle than can VMS.
02-27-2011 01:04 PM
copy and paste from production code creating an encrypted ZIP file to be sent into the PC world:
$ ZIP -qmj "-P" 'pass' 'zipname' 'scratch'*.CSV
symbol pass contains the ZIP password, zipname is the name of the zip file and scratch is a directory containing a number of CSV files to be zipped and encrypted.