Unknopwn device type 3030200F

Hello, We are trying to recover a catalog's contents by using the output of a previous LISTCAT. The device type 3030200F does not seem to be documented (https://www.ibm.com/docs/en/zos/2.3.0?topic=fields-device-type-translate-table). Does anyone know the corresponding device ? Regards,

Re: Unknopwn device type 3030200F

Thanks Attila. *De :* Attila Fogarasi [mailto:fogar...@gmail.com] *Envoyé :* jeudi 25 janvier 2024 à 12:17 *Pour :* IBM-MAIN@LISTSERV.UA.EDU *Objet :* Unknopwn device type 3030200F 3030200F means shared 3390, documented

pax and extended attributes

I have to move some directory trees from one file system location to another. The tree is rather complex (dozen directories, hundreds files) and some files do have extended attributes. My goal is to preserve all the metadata like files ownership, FSP, ACL, tags, audit flags, etc. I tried to

Re: pax and extended attributes

Classification: Public You probably need the -p e switch: e Preserves the user ID, group ID, file mode, access time, modification time, extended attributes, and ACL entries. Prior to z/OS 1.8, audit flags and file format

Re: New SSH vulnerability

Classification: Confidential It does take some time for the fixes to be developed, tested and distributed. -Original Message- From: IBM Mainframe Discussion List On Behalf Of Jousma, David Sent: Thursday, January 25, 2024 8:04 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: New SSH

Re: OT-ish: Very old IBM hardware & manuals available

I started on a 650, and that had a 2,000 word drum. The 305, before my time, had a 2400 character drum. I'm not aware of any IBM drum smaller than that. -- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 עַם יִשְׂרָאֵל חַי נֵ֣צַח יִשְׂרָאֵ֔ל לֹ֥א יְשַׁקֵּ֖ר

Re: Encryption and decryption - processor or TCPIP

> Actually, every processor core includes its own CPACF coprocessor section. > In other words, CPACF is "on core." It's a fine distinction. My background is in HW so I describe it as separate from the "CP" proper, even though it is on the same chip. Eric Rossman

Re: pax and extended attributes

Someone told me to use the following to get all the attributes You create a file using pax -o saveext -wf *pax_file_name files_to_add* and pax -ppx -rf *pax_file_name* to extract the files. On Thu, 25 Jan 2024 at 13:49, Styles, Andy (CIO GS - Core Infrastructure & IT Operations )

Re: Encryption and decryption - processor or TCPIP

Hi, there is another possibilty for a delay in TLS session setup: When you connect in clear to a TN3270 server and then have told your client to use STARTTLS. This may be a fast initial solution in case when your firewall cerberos :-) cannot rapidly a new port, i.e. 992. Best /PS

New SSH vulnerability

Looks like a fairly new SSH vulnerability has surfaced…Anyone figure out a local remediation for this yet? As per usual, IBM is mum. There is no fixing PTF yet based on what I see in ResourceLink. QID 38913 Severity HIGH Definition SSH Prefix Truncation Vulnerability (Terrapin)

Re: Unknopwn device type 3030200F

3030200F means shared 3390, documented in UCBTYP in Data Areas manual or look in the UCB macro. DFSMS manual didn't bother to document the shared bit :) On Thu, Jan 25, 2024 at 9:01 PM MANCINI Frédéric (80) < frederic.manc...@dgfip.finances.gouv.fr> wrote: > Hello, > We are trying to recover a

Any Recovery for RMODE64

Just wondering is there any recovery for a program running RMODE 64 don't see that with ESTAE or SETFRR As more and more services run above the bar More so SDWAEC1 and SDWAEC2 are only 8 bytes thanks -- For IBM-MAIN

Re: RACF Automation (Cross Posted)

On Thu, 25 Jan 2024 17:51:46 -0500, Bob Bridges wrote: >Back when my client in Ohio installed it, we called it "Sam-Jupiter". It appears that Beta Systems acquired the product and call it Beta-Access. https://www.betasystems.com/en/products/beta-access/ It also appears they removed

Re: Custom ISPF command

My editor of choice at home, Tritus SPF, has a BOTTOM command, and I keep finding myself typing BOT at work when it should be DOWN MAX. If I do a custom command table for ISPF/PDF EDIT, the first two commands I add will be BOTTOM and BOT. -- Shmuel (Seymour J.) Metz

Re: RACF Automation (Cross Posted)

I don't even know if the product still exists. -- The closest IVP that I know of is OKTA. OTKA Can administer lockouts and password. However in our world there is nothing cheap And easy. The down side of ROLLING your own you have to administer and maintain it And no one wants to spend the

Re: New SSH vulnerability

1) /etc/ssh/zos_ssh_config CiphersSource ICSF This has nothing to do with the CVE, and I wouldn't use this. The default (CPACF) uses significantly less CPU than going through ICSF. Same goes for MACsSource 2. /etc/ssh/sshd_config Algorithms to exclude: Ciphers #remove the following:

Re: pax and extended attributes

On Thu, 25 Jan 2024 14:42:46 +0100, Radoslaw Skorupka wrote: >I have to move some directory trees from one file system location to >another. >The tree is rather complex (dozen directories, hundreds files) and some >files do have extended attributes. >My goal is to preserve all the metadata like

Re: pax and extended attributes

W dniu 25.01.2024 o 18:07, Paul Gilmartin pisze: On Thu, 25 Jan 2024 14:42:46 +0100, Radoslaw Skorupka wrote: I have to move some directory trees from one file system location to another. The tree is rather complex (dozen directories, hundreds files) and some files do have extended attributes.

Re: Encryption and decryption - processor or TCPIP

If I’m interpreting the z16 materials right it’s within the core’s area. From: IBM Mainframe Discussion List on behalf of Eric D Rossman Date: Thursday, 25 January 2024 at 15:07 To: IBM-MAIN@LISTSERV.UA.EDU Subject: [EXTERNAL] Re: Encryption and decryption - processor or TCPIP > Actually,

Re: New SSH vulnerability

Allan speaks truth. Looks like the OpenSSH team addressed the Terrapin attack hot on the heels of the CVE ... https://www.openssh.com/releasenotes.html (9.6 is discussed at the top of the release notes) OpenSSH 9.6p1 is in the Chicory collection. (Was troublesome because of forced upgrades

Re: New SSH vulnerability

We were able to remediate the situation by the following ssh config changes. Thanks to our invisible friend kekronbekron for pointing me to some additional helpful information. EDIT /etc/ssh/zos_ssh_config Command ===> ** * 01 # set crypto

Re: RACF Automation (Cross Posted)

On Tue, 23 Jan 2024 12:39:47 -0600, Steve Beaver wrote: >I have a customer that would like to AUTOMATE RACF. Did you solve your problem? You need to clarify what AUTOMATE RACF means to the customer. What is the problem the customer is trying to solve because they can't mean automate.

Re: Encryption and decryption - processor or TCPIP

You are correct. It's on the same piece of silicon NOW. My original point is still good. I don't understand why there is a focus on a minor detail of the physical layout of the chip. Correcting my original statement. "The CPACF is a PIECE OF THE CP that runs in lockstep with the CP that invokes

Re: OT-ish: Very old IBM hardware & manuals available

Robert Definitely you should contact the Computer History Museum; they are some what unique in that they collect old documents and software relating to computers in addition, of course, to hardware. At one point they went to Germany, I think, to pick up and ship to the US a whole bunch of old

Re: RACF Automation (Cross Posted)

ACF2 has since added full support for RACF-style groups, and some ACF2 shops have made the change to using those instead of UID strings. This was before that, though, and I'm pretty sure they handled it by storing, for each role, groups of UID strings. I don't remember the details of how that

Re: OT-ish: Very old IBM hardware & manuals available

I'm pretty sure that the thing I saw was significantly older than 650.  The bits were so big that they were using an oscilloscope to see them.  I don't recall if they said what machine that drum connected to.  I had gone there for some big deal event and it was very crowded. Anyway, it's

Re: Any Recovery for RMODE64

Please search the archives. Peter Relson posted on IBM-Main back in 2020 on the restrictions on RMODE 64 in some detail, including recovery issues. Rob Scott Rocket Software Sent from Outlook for Android From: IBM Mainframe Discussion

Re: Custom ISPF command

On Tue, 23 Jan 2024 16:19:01 -0500, Bob Bridges wrote: >I used to add my own commands to the ISPF command table. But somehow I got >out of the habit; I went to a new site, didn't get around to it, got used to >just putting "TSO" in front of commands, then forgot where to go to do it the

Re: Encryption and decryption - processor or TCPIP

To complement, clarify and organize in few points: 1. We have symmetric and asymmetric crypto. And some other crypto-related functions (SHA, RNG). However it worth to know, the asymmetric crypto is approx. 1000 times slower than symmetric crypto (with the same crypto-strength). That's why we

Re: RACF Automation (Cross Posted)

Back when my client in Ohio installed it, we called it "Sam-Jupiter". I don't know what the extra name implies. The client seemed content with their choice, although it was really designed to work with RACF and this is an ACF2 client. Also Sailpoint, but I think you mentioned that possibility

Re: RACF Automation (Cross Posted)

On Thu, 25 Jan 2024 10:15:57 -0600, Steve Beaver wrote: >I don't even know if the product still exists. -- The closest IVP that I know >of is OKTA. See if SAM (Security Administration Manager) still exists (possibly rebranded). The company no longer exists but I found

Re: Unknopwn device type 3030200F

That's a 3390. See the CBTTAPE, file 527, member DATASECT (part of LISTICAT) Matthew Stitt On Thu, 25 Jan 2024 11:00:38 +0100, MANCINI Frédéric (80) wrote: >Hello, >We are trying to recover a catalog's contents by using the output of a >previous LISTCAT. >The device type 3030200F does not

Re: Custom ISPF command

Good point. I do the same kind of thing already with dataset names; I keep a table at each client for my own libraries, and no matter where I go my general REXX library is XG, my JCL library is JG, a scratch data library is DG and so on. There are other abbreviations; XT is the "team" exec

Re: Encryption and decryption - processor or TCPIP

On Wed, 24 Jan 2024 20:15:18 +0400, Peter wrote: >Still I am trying to understand encryption and decryption load goes to >general CP In case if you don't have CPACF or ICSF ? There's no such thing as "don't have CPACF". All machines have it. It's on-chip and part of the instruction set.

Re: Encryption and decryption - processor or TCPIP

I'm trying to put this in my own words. I'm not an expert on Z crypto architecture, but I am sure someone will correct me if I am wrong. The CPACF instructions are like the TRT instruction. You *could* do what TRT does with a loop using IC and compare and so forth, but the TRT instruction is

Re: Encryption and decryption - processor or TCPIP

Nicely put. > Symmetric or "secret key" encryption is probably what you think of when you think of encryption. > You encrypt and decrypt with the same secret key, just like when you passed coded notes in grade school. > It is a part of almost everything where encryption is involved. It is