What tools are available to encrypt or password-protect a file stored on the IFS?
*integrated file-system, accessible from Windows
You could setup object security so only certain users can view the file.
There are encryption tools available for purchase. There is also some built-in APIs for encrypting.
Here are some resources to look into:
Scenario: Key Management and File Encryption Using the Cryptographic Services APIs
The Next Step in Security
A Simple Encryption/Decryption Algorithm for Numbers
Cryptographic Services APIs
Most of these articles deal with encrypting data in a table, but the concepts should help you encrypt a file on the IFS.
Or you could simply encrypt the file from a Windows box with ccrypt or TrueCrypt (perhaps not what you are looking for). Both are free. As is GnuPG which has a windows port and is probably the best of the bunch.
Don't forget that iSeries with PASE can run many AIX programs as is.
ccrypt for AIX could almost definitely be made to run on the iSeries and be called from QSH. And similarly for GnuPG for AIX; it could be run on the iSeries itself.
There is PkZIP for the iSeries which can provide encryption.
You could also 'roll your own' encryption using Java Cryptography.
We are currently using Arpeggio, which is free. We used to use PKZip, but were able to replace that tool with the free Arpeggio software. Seems to work well
You can set the authority to the file so only users in one group have access to it. I think its option 9 I don't have access to a iseries at this moment.
You can pull a port of GnuPG from Scott Klement's website at : https://www.scottklement.com/gnupg/. We have been using it without issue for years.
A lot has changed since this question was asked! IBM i now has extensive support for open source software in PASE. Several of the other answers here mention packages that IBM now provides for no cost as RPMs, easily installable via yum (or the Access Client Solutions GUI, which includes a graphical front-end for yum). Here is just a sampling of IBM-packaged tools you could use for encryption of IFS files:
GnuPG
p7zip (POSIX version of 7-Zip, compatible with and mostly superior to PKZIP)
Python, Node.js, and other programming languages, with access to various encryption libraries
Note that the RPM-based packaging is only supported on IBM i 7.2 and above. (Some people have been able to get it working on 7.1, but this requires the right combination of PTFs and know-how.)
For those on older (and by now, far out of support) versions of IBM i and its predecessors, you may be able to use Scott Klement's ports of GnuPG and p7zip, or Per Gummedal's iSeriesPython.
Related
I am trying to encrypt my USB stick with AES 128/256 encryption. I am new to the game and need some advice, google has not been my friend so far.
All i would like to do is encrypt the whole USB stick so that i end up with one like this AES USB.
Any help is appreciated.
Here are your choices for encryption:
Hardware encryption - get an USB flash drive that has the encryption logic programmed into its firmware (like the one you linked to).
Pros: Works in any operating system, no software installation necessary.
Cons: This is a more expensive option.
Software encryption - either get a flash drive that comes with a software, or download and install software that will encrypt your drive.
Pros: Less expensive option, some of good software to do this is either free or low-cost.
Cons: The software is operating system specific, so if you need a cross-OS approach, then you will have to find a program that has versions for multiple operating systems. Also the software will either need to be installed on any computer you will stick the flash drive into (most probably requiring you to be an administrator on that computer), or hopefully it can have a portable version that can be run directly from the USB drive.
Most USB flash sticks manufacturers have hardware-encrypted sticks in their assortment - you can ask around and read some reviews and choose one to your liking.
For software programs - the easiest option for Windows is its built-in BitLocker program, it is available on most recent Windows versions.
For cross-platform - look at tools like VeraCrypt, GNU Privacy Guard and others (again do your research and pick the one you like).
Another viable option is just to put the files you want to restrict access to in a password-protected ZIP archive.
Hope this helps.
I am trying to implement code where I can send and receive the SOAP messages to IBM MQ. As of my knowledge jar file are required for my code to work, but could not find any place where either I can download the files or can do whole setup of WebSphere 6.0
Do anyone have any idea how can I get it ?
Please be aware that grabbing the jar files from an MQ Server or other installation is not supported by IBM and never has been. However, because it is one of the most commonly used methods to install the MQ client for Java or JMS and fairly common in Java developer culture, IBM has provided a Java-only install option. Please see the Redistributable Clients page in the Knowledge Center for details.
As the name suggests, this install provides an MQ Client package that can be redistributed with independently developed MQ applications. While that is helpful, the main reason IBM provides it is to provide a lightweight install package that...
Contains the correct and complete set of jar files as packaged by IBM.
Is intact and verifiable against a known specification and inventory.
Can reliably be expected to perform as per the documentation set for that version.
Contains all of IBM's diagnostic utilities both in the compiled binaries and in the Java classes.
Contains additional utilities such as GSKit for managing certificates.
Can be patched using IBM's standard Fix Pack install media so that integrity of the installed classes and libraries is preserved.
When using IBM's install media and procedure, the result is far more stable but int he event something goes wrong, the presence of the diagnostic utilities and conformance to a standard install procedure can dramatically reduce outage durations.
Also, there are occasional instances in which a customer with full support entitlements is told that their non-standard installation is not supported and they need to correct it before continuing the PMR. Though this doesn't happen often, in most cases the problem is resolved when the MQ client is installed according to spec. When that doesn't fix it, at least diagnostics can proceed at a faster pace.
The link above has all the details, including links to the client downloads, and is highly recommended reading. You can also go directly to Fix Central for the downloads. Fix Central offers all supported MQ client versions and the relocatable clients come in v8.0 and up. In the download list, look for the "All Java" package.
As Tim noted, mixing client and server versions is supported, provided both client and server are currently in service. Generally you want to develop against the latest version of MQ client because it has the most recent client-side features and will have the longest service life before a version upgrade is required.
Assuming you're on a Unix platform for your queue manager, the client will be found at:
/opt/mqm/java/lib
However, all MQ clients are compatible with all queue manager versions. I strongly recommend you use a client which is still supported, which means 7.1, 7.5, 8.0, or 9.0 at time of writing. These are freely downloadable from the SupportPac website.
The SupportPacs of interest are those starting 'MQC'. SupportPac MQC8 for example contains the MQ V8.0 client.
Thanks everyone. Just an update to the above answer. In my case I have asked the WebSphere administrator for providing me the lib folders which contains all the required MQ jar files.
I have asked him to provide following files from the C:\Program Files (x86)\IBM\WebSphere MQ\Java\lib\ folders:
* com.ibm.mq.jar
* connector.jar
* com.ibm.mq.jmqi.jar
* com.ibm.mq.headers.jar
* com.ibm.mq.commonservices.jar
I have a SSIS package that writes the output to Flat file.
Now I need to PGP encrypt the output file and further decrypt in other packages. I am curious if anyone knows of how to do this, or better yet a website with helpful hints on how to do it.
Thanks
Assuming you want to do the en/de-cryption within SSIS, the simplest method will probably to explore the command line version of whichever encryption software you are using, and execute it using an Execute Process task.
If you haven't yet selected encryption software, obvious choices include PGP (commercial) and GnuPG (open source).
The other option would be to write .Net code to carry out en/de-cryption in a Script Task - this would require a .dll from PGP or GnuPG. Various generic .Net examples (not specific to SSIS) are available - like this one - but I can't comment on their completeness or quality.
This SQLServerCentral thread may have some useful pointers.
For stable, well-supported and updated PGP-compatible SSIS task check our BizCrypto product.
Check the third-party commercial CozyRoc SSIS+ library. It includes OpenPGP Task and many other useful extensions.
Are there any restrictions for using coherence.jar without any license?
coherence.jar is open for downloading without any fee.
You can use it for development purposes. Any other purpose means purchasing a license. On the download page is a link to the license agreement that states:
You may not:
use the programs for your own internal data processing or for any
commercial or production purposes, or
use the programs for any purpose
except the development of your
application;
use the application you develop with the programs for any internal data
processing or commercial or production
purposes without securing an
appropriate license from us;
continue to develop your application after you have used it for any
internal data processing, commercial
or production purpose without securing
an appropriate license from us, or an
Oracle reseller;
remove or modify any program markings or any notice of our
proprietary rights;
make the programs available in any manner to any third party;
use the programs to provide third party training;
assign this agreement or give or transfer the programs or an interest
in them to another individual or
entity; - cause or permit reverse
engineering (unless required by law
for interoperability), disassembly or
decompilation of the programs;
disclose results of any program benchmark tests without our prior
consent.
The first two points are the most relevant.
On the Coherence download page it says you need to agree to the Oracle Technology Network (OTN) License Agreement to download the software.
That license contains this text:
We grant you a nonexclusive, nontransferable limited license to use the programs only for the purpose of developing, testing, prototyping and demonstrating your application, and not for any other purpose. If you use the application you develop under this license for any internal data processing or for any commercial or production purposes, or you want to use the programs for any purpose other than as permitted under this agreement, you must obtain a production release version of the program by contacting us or an Oracle reseller to obtain the appropriate license.
So it's a free download only for development purposes. (Most Oracle Products are available free to developers.)
But if you want to use this code in production or in a product you're selling you will need a license.
Have you considered using Infinispan as an open source alternative to Coherence?
Don't forget that the version that you download from the public website is usually just the major release. The minor release, with all the many bug fixes, is only available if you have a support contract.
I'm a newbie developers and building an application with 3 other remote developers. I've only worked alone until now, and now I need a way to share my source code with the other developers on the project. All of the project sites out there (SourceForge, Codeplex, Google, etc) seem to be aimed at Open Source development I'm not interested in making our code available to the world, I'm just looking for a method of sharing the code among the four of us. What is the best known method...or how is this usually accomplished?
Set up a Subversion repository (can be accessed across http).
There is an excellent online free book detailing pretty much everything you need to know about Version Control with Subversion
Yep, you need a version control repository which is remotely accessible. Subversion is excellent and very widely used; Git is another good option.
You could set up your own repository - you'll need a server which all devs can access via ssh, or via Apache/WebDAV - or use a hosted service, like Beanstalk, Project Locker, Unfuddle, SVNsite, etc.
http://beanstalkapp.com/
Set up a Subvserion repository (http://subversion.tigris.org/). You can control who may view your data through accounts, plus it gives you document versioning. When paired with a Http server, you can even view the source directly in a browser.
Subversion has all sorts of plugins for Eclipse and even Visual Studio, I believe. Tortise SVN is a stand-alone SVN client you may like, although I recommend an IDE-integrated plugin.
Subversion also goes well with a continuous integration server, such as Continuum.
Hosted: http://wush.net is another Subversion hosting platform.
Or, if you can host your own server, check out the VERY easy to use and VERY free VisualSVN Server: http://www.visualsvn.com/server/
You don't say what computing resources you have available, but the easy choice is to use a central server with say SVN to which you all have ssh access using a public key. You can probably rent such a service for around $10 per month.
If you don't like central servers, you can try Mercurial or git and ssh back and forth between your personal development machines.
If ssh is problematic, git actually enables you to send patches to each other by email (probably Mercurial does too). Ben Lynn's Git Magic tutorial explains.
You can use an online source control (like SVN or Git), and share it only with your team members. You should look into Unfuddle, it's a free source control/project hosting, complete with bug tracking system. I use it for my personal projects and it's awesome.
I think the best solution is Subversion. Subversion is a free source control system that is ideal for your requirement.
You can use many other support tools like Tortoise SVN to make the things more easier.
Here is one of the cheat sheets that describes commands of SVN.
Most of the Web hosting providers support easy one click installation of SVN on their servers. ex : Dreamhost So you can get a setup done very easily.
CVS is another Source control system that are used widely but I haven't seen any providers that support easy installation of CVS but there should be. You can have support tools for CVS such as Tortoise CVS as well.
I don't think you are interested in visual source safe (Microsoft Proprietary and not over Web) so I am not going to add information about it here. :)
You need to set up a source control repository. It's a pretty big topic, I'm really not sure where the best place to start reading about it would be. I'm sure the Wikipedia article on Revision Control will at least give you a bit of an overview.
This seems like a decent introductory series as well: Source Control HOWTO
Subversion works just fine over http/https. It is an open source project, but you can use it for whatever purposes you want.
http://subversion.tigris.org/
Most modern source control systems work well. Subversion is a common one. Which operating system will the developers be running?
If you just want to get up and running quickly with something, check out a hosted subversion system like www.beanstalk.com or www.unfuddle.com.
Subversion is open source, and I know you don't need it, but there are a lot of options here. If on Windows, check out Tortoise SVN. If on a Mac and you don't want a command line client, check out Versions.
You can actually setup google code to only allow viewing/editing by registered members. And I don't think they force any licenses either.
We currently use VSS but are in the process of migrating everything over to Source Gear Vault because VSS makes jumping out of our third story windows a common thought...
Here is a free solution with premium options available... https://freepository.com I have not tried this one.
Try github. It will cost you $12/month though.
Just use devunity.com. upload your code via zip or import it from svn and thats it. lets you collaborate around code instantly.