True..but if you do it wrong you can lock out pretty much everything for TCP/IP...it's loads of fun!!
It's why I always set it up to OBEY for TCP IP after the stack is up and running...just in case security does something weird. Rob Schramm On Tue, Sep 22, 2020, 17:02 Kirk Wolf <k...@wolf-associates.com> wrote: > That will do it! > > BTW: AT-TLS has no relationship with IBM z/OS OpenSSH. > > On Tue, Sep 22, 2020 at 12:00 PM Lionel B Dyck <lbd...@gmail.com> wrote: > > > Found issue with SSH - I had created (mkdir) the .ssh directory so it had > > the default permissions. Should have let ssh-keygen create it. > > > > Tried adding logging to pagent for ftp - overloaded with messages and > > reading them now. > > > > Thank you > > > > > > Lionel B. Dyck <sdg>< > > Website: https://www.lbdsoftware.com > > > > "Worry more about your character than your reputation. Character is what > > you are, reputation merely what others think you are." - John Wooden > > > > -----Original Message----- > > From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf > > Of > > Mike Hochee > > Sent: Tuesday, September 22, 2020 11:39 AM > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: AT-TLS issues with FTP and SSH > > > > Regarding the AT-TLS issue, your pagent is likely encountering a problem > in > > the FTP section (of course!). Look at the log it generates, and if you > > don't have one, add the logging option to the pagent start command. If I > > remember correctly, there's also a verbose setting. I found the logs to > be > > extremely useful. > > > > HTH, > > Mike > > > > -----Original Message----- > > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > > Behalf Of Lionel B Dyck > > Sent: Tuesday, September 22, 2020 11:08 AM > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: AT-TLS issues with FTP and SSH > > > > Caution! This message was sent from outside your organization. > > > > We just enabled AT-TLS (PAGENT) on a test LPAR and immediately ran into > two > > issues: > > > > 1. The FTP Client ceased to work (until we commented the FTP section in > the > > pagent_TTLS.conf file) > > a. No issues doing an FTP into this LPAR. > > 2. Git stopped working due to SSH. > > > > A simple test is: ssh mailto:g...@github.com > > > > And for that I'm getting: FOTS3322 Passwords may not be entered from 3270 > > terminals > > > > If we stop PAGENT then everything works. > > > > Can anyone offer any pointers/tips/solutions to either of these problems? > > > > Thanks in advance. > > > > > > Lionel B. Dyck <sdg>< > > Website: https://www.lbdsoftware.com > > > > "Worry more about your character than your reputation. Character is what > > you are, reputation merely what others think you are." - John Wooden > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, send > email > > to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, send > email > > to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN