On Thu, Sep 30, 1999 at 03:48:53PM -0400, Eric Strovink wrote: > Scott Klement wrote: > > > All telnet clients are insecure. > > On the contrary, someone wrote me privately that there is a new AS/400 telnet > server that uses SSL. Plus, the same person indicated that there is already > encrypted password authentication built into the (newest - 1) version of the > AS/400 telnet server. You can read some RFC's that propose that >authentication > (links on the tn5250 developer site). Obviously things have progressed beyond > the proposal stage. > > > I think I see a flaw in that logic... > > Sorry that you misunderstood. Clearly the encrypted link I was talking about >is > the one between the Linux proxy and the the java client. As you say, what >would > be the point of encrypting a connection between a local proxy machine and the > AS/400? > > Based on the new telnet server information above, it may be possible to >encrypt > all the way through the proxy to the new telnet server. But, for those AS/400 > sites that have not upgraded, an encrypting proxy server would still be >useful. > All this stuff about SSL. Yes, indeed the newer TELNET servers for the AS/400's support SSL. That is something that I think we really need here; unfortunately, I'm an American working in America, so I'm bound by export restrictions. Anybody from another country with looser crypto export laws want to write and maintain a patch? Hmm, we can make protocols loadable modules, then people would just need to install the 'SSL loadable module'? In any case, I've looked at SSLeay a while back and noticed that it was fairly simple -- not to mention you can just hack most of the work out of one of the example programs. Unfortunately, I can't help. I'm probably hinting more than I'm allowed as is. -Jay 'Eraserhead' Felice +--- | This is the LINUX5250 Mailing List! | To submit a new message, send your mail to LINUX5250@midrange.com. | To subscribe to this list send email to LINUX5250-SUB@midrange.com. | To unsubscribe from this list send email to LINUX5250-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: email@example.com +---
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.