On Tue, Nov 22, 2016 at 12:03 AM, Jack J. Woehr <[email protected]> wrote:
> > SSH and secure Telnet3270E essentially use the same security technology, > that is, OpenSSL. > z/OS OpenSSH does include some of the EVP crypto code from OpenSSL for Ciphers and MACs, etc, but it doesn't use any "SSL" or "TLS" functionality. IBM's port also includes support for ICSF algorithms, which bypass the OpenSSL Ciphers and MACs completely. To say the it is the same security technology as TN3270 is very misleading IMO. > ssh -Llocalhost:12345:myzosbox:23 myid@myzosbox > > and after you have logged in via ssh a redirection is established from > your local port 12345 to z/OS's port 23. > > After establishing the redirect, use PCOMM to connect to localhost:12345 > ... Thus, you will be going into the z/OS port 23 via the redirect via SSH > port 22 on the z/OS box. > We do something like this from our Linux workstations. I wrote a script that makes an ssh connection (authenticating with a private key from a password safe) and over this connection it runs a z/OS UNIX command to return a RACF passticket for the userid. Then it starts x3270 with a automation script that connects through the ssh tunnel and automatically logs on to TSO using the passticket. Kirk Wolf http://dovetail.com ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
