Re: secure access to AS/400 ?
B. Cook [EMAIL PROTECTED] wrote:Hello All, Seems OT, but I have been asked to give someone remote access to an AS/ 400 we have here. As I am not knowledgeable about AS/400's I do not know if there is an openssh/sshd app that could be put on there. They give everyone access 'locally' via telnet and some IBM gui app at the moment; the software: eNetwork Personal Communications AS/400 Client Access Express for Windows Workstation Program Version 4.3 If they can not find some form of sshd to put on the AS/400, I could give people access to a FreeBSD via ssh and then have them use 'something' to connect to it. Is there some terminal emulator that I would have to give them? I don't know how the AS works or what people use on it or use it for.. so please excuse the seemingly ignorant questions.. Thanks in advance ___ Look at http://tn5250.sourceforge.net/, as far as security your going to be disappointed. If your on the same subnet as the as400, a simple telnet session will allow you in the machine with a user name and pass. IBM dropped the ball with this systems security, as you prob know. For years they have toyed with the idea of killing the OS, but keep it alive at the last second. I work with it, but I don't like IBM's idea of security. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: secure access to AS/400 ?
Mark Busby wrote: B. Cook [EMAIL PROTECTED] wrote:Hello All, Seems OT, but I have been asked to give someone remote access to an AS/ 400 we have here. It is OT. As I am not knowledgeable about AS/400's I do not know if there is an openssh/sshd app that could be put on there. They give everyone access 'locally' via telnet and some IBM gui app at the moment; the software: eNetwork Personal Communications AS/400 Client Access Express for Windows Workstation Program Version 4.3 If they can not find some form of sshd to put on the AS/400, I could give people access to a FreeBSD via ssh and then have them use 'something' to connect to it. Is there some terminal emulator that I would have to give them? I don't know how the AS works or what people use on it or use it for.. so please excuse the seemingly ignorant questions.. Thanks in advance ___ Look at http://tn5250.sourceforge.net/, as far as security your going to be disappointed. If your on the same subnet as the as400, a simple telnet session will allow you in the machine with a user name and pass. IBM dropped the ball with this systems security, as you prob know. For years they have toyed with the idea of killing the OS, but keep it alive at the last second. I work with it, but I don't like IBM's idea of security. According to this: http://www-306.ibm.com/software/network/pcomm/features/ IBM's Personal Communications (which you list) supports secure connections via SSL/TLS. HTH, Kevin Kinsey -- The price of success in philosophy is triviality. -- C. Glymour ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: secure access to AS/400 ? (OT)
On Friday 01 August 2008, B. Cook wrote: Hello All, Seems OT, but I have been asked to give someone remote access to an AS/ 400 we have here. As I am not knowledgeable about AS/400's I do not know if there is an openssh/sshd app that could be put on there. They give everyone access 'locally' via telnet and some IBM gui app at the moment; the software: eNetwork Personal Communications AS/400 Client Access Express for Windows Workstation Program Version 4.3 If they can not find some form of sshd to put on the AS/400, I could give people access to a FreeBSD via ssh and then have them use 'something' to connect to it. Is there some terminal emulator that I would have to give them? I don't know how the AS works or what people use on it or use it for.. so please excuse the seemingly ignorant questions.. Thanks in advance ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] It's possible to set up a sshd on an AS/400 (aka iSeries aka system i). AFAIK you need to run OS Version V5R3M or higher on AS/400 and install the PASE tools lic-program. For more information see the links below: http://www-03.ibm.com/servers/enable/site/porting/tools/openssh.html http://wiki.midrange.com/index.php/SSH Depending on the version of the Client Access Emulator, it's allso possible to setup TN5250 via SSL, but you need to configure SSL on the AS/400 to make this happen. There are at least two 5250 terminal emulatiors in the ports tree. (/usr/ports/net/tn5250 and tn5250j). Cheers ch -- Christian Hiris [EMAIL PROTECTED] | OpenPGP KeyID 0x1A9BE943 OpenPGP-Key at hkp://wwwkeys.eu.pgp.net and http://pgp.mit.edu ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: secure access to AS/400 ?
B. Cook ha scritto: As I am not knowledgeable about AS/400's I do not know if there is an openssh/sshd app that could be put on there. AS/400 supports telnet over SSL, though I never found it to be in use. If they can not find some form of sshd to put on the AS/400 Normally it all boils down to: they could, but will not bother to (they probably never used it and don't have experience with it, anyway). I could give people access to a FreeBSD via ssh and then have them use 'something' to connect to it. I would not do so, since you would need local users on the FreeBSD box, which I usually try and avoid. Is there some terminal emulator that I would have to give them? If you really want to go this way, tn5250 is in ports. VPNs (with whatever technology) might be a better solution. bye av. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: secure access to AS/400 ?
Andrea Venturoli ha scritto: B. Cook ha scritto: As I am not knowledgeable about AS/400's I do not know if there is an openssh/sshd app that could be put on there. AS/400 supports telnet over SSL, though I never found it to be in use. If they can not find some form of sshd to put on the AS/400 Normally it all boils down to: they could, but will not bother to (they probably never used it and don't have experience with it, anyway). I could give people access to a FreeBSD via ssh and then have them use 'something' to connect to it. I would not do so, since you would need local users on the FreeBSD box, which I usually try and avoid. Is there some terminal emulator that I would have to give them? If you really want to go this way, tn5250 is in ports. VPNs (with whatever technology) might be a better solution. I forgot: altough I never tried this, you may want to experiment with stunnel to allow for telnet/SSL on the client side, without the need to enable it on the server side. Disadvantage is, you lose the ability to discriminate which user can connect from the outside and which cannot. bye av. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: secure access to AS/400 ?
On Fri, Aug 01, 2008 at 09:27:12AM -0400, B. Cook wrote: Hello All, Seems OT, but I have been asked to give someone remote access to an AS/ 400 we have here. snip Is there some terminal emulator that I would have to give them? Try x11/x3270 Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpRo7Js8X0sa.pgp Description: PGP signature
