Open Sourcing Access to Linux or Windows from MPE/iX
June 14, 2012
DSLINE is a classic networking access service provided for HP 3000s. The software is so classic that HP once charged separately for NS3000/iX Network Services. One user wanted to employ DSLINE to make connections, starting from MPE systems and into remote Linux and Windows servers. Sending commands was the task to be performed.
"I currently use a Reflection script to do the job," said Krikor Gullekian. "However, we are moving away from that and creating a JCL for it. I am using FTP to create a file on the host system which is activating commands to run, and that works, but it's a little cumbersome. That's why I was wondering if there were any other way."
Another community member pointed to using the ssh client included on the HP 3000. In theory, so long as the Linux and Window servers have an ssh server, then Gullekian should be able to run remote commands via ssh. But there's some hurdles to overcome in using ssh on a 3000 for remote command execution.
Brian Edminster of Applied Technologies, who's maintaining a repository of these sorts of open source tools for 3000s, warns that ssh needs some improvements to let it perform the same level of work as Linux or Windows versions of the remote access tool.
Unfortunately, the available ssh client for MPE/iX is none too current, and is essentially 'broken' with regard to remote command execution. As I recall, it has something to do with SELECT being busted on MPE/iX. It works well enough to support scp and sftp though, but that's pretty much it.
Edminster has created workarounds for anyone who needs password-free invoking of secure remote scripts, however. What's more, it appears that the MPE way of writing such received files to disk is more secure than the other platforms' FTP services.
"What I've had to do in environments," Edminster says, "where I want passwordless secure remote script invocation (ala ssh) is to have a scheduled task (via cron or whatever) that looks for and executes specifically named scripts, one that then removes the script when done executing."
To avoid having the remote cron beginning to execute a partially sftp-put file, I'd send it with a '.tmp' suffix, and then rename it upon successful completion of the put and/or chmod the file to make it executable when I'm ready to have it run (rename and chmod being atomic operations). This is necessary because, unlike MPE/iX, many systems FTPd (and likewise, sftpd) will start writing the received content to disk as soon as it receives it -- making a partially received file 'visible'.
Yes -- we've been spoiled in MPE/iX Land.
For what it's worth, on my bucket list is either an update to the OpenSSH port (with an attempt to fix remote command execution), or port of other, simpler ssh implementations. If the OpenSSH implementation for MPE/iX is what you want to try, you can get the necessary files either from the fine folks at Allegro (from their website), or from www.MPE-OpenSource.org.
I'd be happy to work with anyone that needs help getting this OpenSSH port installed and operating -- including how to get around some of its limitations.
Over at the Allegro website, Edminster's MPE OpenSource site is named as the best destination for such software.
Those looking for MPE/iX ports of Open Source software that were formerly hosted at HP’s “Jazz” and other sites will appreciate http://www.mpe-opensource.org. Currently the site offers an updated all-in-one package of the components required to implement the SFTP Secure File Transfer Protocol on MPE/iX 6.5 or later. This package includes Perl, the Gnu Compiler Collection (GCC), as well as GNU tools, SSL, SSH, and required dependencies.
With that said, Allegro's Donna Hofmeister did point out that the company has a great whitepaper on using SFTP, as well as accompanying downloads. Look for "SFTP" on the Allegro whitepaper page.