I've data on a mac server, on which I've several files.
I've to do a c# program which connect to the server and retrieve files which are different.
The server and the workstation will not be on the same network, so I need to have a secure access(the encryption is a plus, but it's mostly about other people cannot go read files on the server).
I taught of several things:
Rsync over SSH(but I didn't found any good library on the .net server, which manage ssh and is recent enough)
Samba(not secure enough?)/SFtp access(but I need to do myself the hash mecanism, check on dates, ...)
What is my best option? Do you have an other (better) idea?
I would definitely use Samba/CIFS. Why is this not secure enough? It is used by Windows operating systems (the MS implementation of it) all over the wolds, in enterprise systems.
Why do you think it is not secure enough?
Related
I need to store credentials for my app. I've read it's a very bad practice to store them with code.
I know, DPAPI is just made for it, but how to use it on Linux like Ubuntu?
So - if I could make DPAPI work on Linux without spending whole day on it - it would be my first choice.
Then it's poor man's security - a file on target machine. So - not with the source ;) The file is in a directory only the admin can access, so it's as secure as the host itself. I can also have the file on my Windows development machine, it's as secure as my machine.
Tell me why the file is bad? ;)
I need to store credentials for my app.
Mmmhmmm.
I've read it's a very bad practice to store them with code.
Not "with code", but in code: i.e. as string literals baked into your executable.
I know, DPAPI is just made for it
Yup.
but how to use it on Linux like Ubuntu?
With difficulty.
So - if I could make DPAPI work on Linux without spending whole day on it - it would be my first choice.
You can't. DPAPI is a Windows thang.
Then it's poor man's security - a file on target machine. So - not with the source
At least on Linux you can take advantage of the far simpler filesystem security model to secure files from access by other users without too much effort (i.e. chmod, compared to Windows where you need to faff around with DACLs (caveat: DACLs are still objectively far,far superior to chmod. Consider using SELinux to get DACLs outside of Windows).
The file is in a directory only the admin can access, so it's as secure as the host itself.
Debatable.
Tell me why the file is bad? ;)
I can't. You haven't told us anything about the file.
Better solution: take advantage of any available hardware TPM to store encryption keys: https://wiki.archlinux.org/index.php/Trusted_Platform_Module
I need to create a C# client with .NET Framework 4.6.2 to connect a server.
My client offers me the possibility to connect to a SFTP server or to a FTPS server, but I don't know which one is the best to connect with.
On this page, I have found this:
No built-in SSH/SFTP support in VCL and .NET frameworks
I need to connect to a server to upload and download files. I also need to monitor a directory on the server to know when a file is on that remote directory.
Searching on Internet I'm not sure if the .NET libraries (SSHNet) that implements SFTP protocol are good enough to a production environment.
I think SFTP is the best option to use but FTPS could be easier to implement a C# client for it.
Or maybe I can use libssh2 to implement a C program that do the job to monitor a remote directory, download any new file on it and upload the files that I need to upload.
Any advice?
If both protocols are fine for your actual needs (as suggested in your question and comments), if it's only a matter of "what's the easiest to use in .Net", I would simply go for FTPS.
It's very fast to implement, since you'll find all what you need in the framework ("FtpWebRequest" class, or more recently "WebClient", etc), even on old versions of the framework.
You can find plenty resource about this on the web or on SO
You have mentioned that you need to "monitor" a folder on remote server. Of course there's no problem with FTPS to retrieve the list of all files of a folder, but it will be in "pull" mode, as frequently as you wish. There's no way for the server itself to push you a notification every time a new file has been dropped. So if you need some real-time notifications, it's not optimal.
My company has an outsourcing partner that hosts data on a z series mainframe. Data is not in db2 but in some older structures. I guess vsam tables, if I haven't misunderstood those mainframe guys. We don't have ih-house knowledge of the mainframe technology. When we talk to partner's mainframe guys it sounds like they speak foreign language. We don't understand them, they don't understand us. PC world and mainframe world are quite different, yeah.
We access data through 3270 terminal emulator (IBM Persona Communications).
Teminal emulator does not connect directly to mainframe but rather to HIS 2000 Server (Microsoft Host Integration Server). HIS talks SNA to mainframe while clients talk tpc/ip to HIS server. We have an internaly developed helpdesk software (writen in c#) that monitors availability of other systems. Now we have request to extend the solution to monitor availability of the mainframe. The idea that we have is to start a 3270 session from our code. If connection suceeds system is available if not it's not available. We don't need to log in to mainframe and access any data there, just check if 3270 connection opens. I know this doesn't mean that actual data is available (sometimes data is locked by batch jobs and we can't access it even though system is up and running) but this approach is good enough for us. Could you point me to some documentation or existing projects? Can we use HIS or Personal Communications libraries. I haven't found any documentation on it.
Well, I finally got it.
I'm using Personal Communication api.
All functions exist in two dlls - pcsapi32.dll (pcsapi functions) and pcshll32.dll (ehllapi functions) that are part of Personal Communication installation.
Everything is well documented in IBM documentation that can be found on
http://publib.boulder.ibm.com/infocenter/pcomhelp/v5r9/index.jsp?topic=/com.ibm.pcomm.doc/books/html/emulator_programming07.htm
or downloaded as pdf.
I had to p/invoke native windows functions and had no problems with it. Tried to use host access code library automation objects but had some issues with it and gave up.
Found usable code example at codeproject site http://www.codeproject.com/KB/cs/all_ehllapi.aspx
I am not sure if the solution I have would work for you. I used IBM PC Communicator Emulator and connected it to MS Excel using the APIs available for it. You can have a look at the APIs coding documentation here - http://publib.boulder.ibm.com/infocenter/pcomhelp/v5r9/index.jsp?topic=/com.ibm.pcomm.doc/books/html/emulator_programming07.htm.
If you need sample code to connect to MF from Excel via 3270 Emulator please let me know, I can provide the same to you.
Regards,
Nitin
nsrivastava2 [at] gmail.com
Does anybody know how I can backup an VMWare ESXi server with C#.net?
Thanks
Not sure if you mean backing up vms, or config. Since you say the "server", I'll go with the config. Not sure how C# should enter into this, either. But, according to the pdf, you can use "vicfg-cfgbackup" command to back up the configuration.
Frankly, I'm working with ESX and not ESXi, but all that command-line stuff is generally how things get done. I've written automation, including some utility apps in C#, to execute SSH commands against the ESX host, and found it to be a successful approach. Most of what I've done has been more around backing up and replicating vms. This is generally a process of archiving the files to another drive (generally mounted as /backup), then push-copying to a centralized backup location on the network. From there, the backup could be picked up by another, larger system like NetBackup, etc.
My Windows client application (written in C#) works with the remote MySQL database deployed on *NIX server.
I'm going to add the ability to store files on the server. I was never fond of storing files in DB, so the files will be stored in the file system. The application will need to upload, download, and delete files from server.
Any approach I can think of requires additional service to be deployed on server.
So far my favorite is SFTP*, but there are other solutions which are IMO inferior:
Web Service - are there any? haven't done any research in this direction.
FTP server - brings at least all the problems connected with protocol itself
WebDAV - interesting option, considering there is Apache module and .NET libraries
Some ad-hoc script (clearly the worst solution)
*I intend to use SharpSSH library, and public key authentication to access special account on the server which will be restricted to SSH operations only
Edit: corrected some terms confusion, thanks to #vartec
SCP has rather limited functionality. SFTP and FISH give you a lot more then plain SCP. (note, that SFTP should not be confused with FTPS)
Example of SFTP C# implementation.
Advantage over other options — no extra configuration at server side required.
I would use vsftpd on the *NIX server side: it's small and easy to configure, and I haven't had any problems with it since I initially set it up about 6 months ago so it's also reliable. I just use regular FTP, but you can do SSL with vsftpd if you're concerned about security.
On the client side there is this free, open source, FTP Client Library for C# made by Dan at C-SharpCorner.com. It works, and it's easy to extend its functionality to do more things. For example, I added a function for changing file permissions on the remote server.
putty and winscp are all you need.