I am trying to remotely access the iSeries securely on a blackberry.  I
have an ssh client for the blackberry phone, so I can ssh to the Linux
partition on the iSeries, then use tn5250 to access the iSeries and have
the communications encrypted.  Does this not sound reasonable?

You'll have all sorts of fun problems with keyboard mapping doing that. It doesn't provide much benefit over simply using the "telnet" command on the Linux partition to connect to the iSeries.

Is there a better way to access iSeries remotely over an encrypted network?

A few thoughts:

a) Get a SSL-aware TN5250 client for the blackberry. That way you can connect encrypted straight to the iSeries.

b) If you can't find a SSL-aware TN5250 client for the blackberry, you can use a normal TN5250 client running through an SSH tunnel. Create the tunnel from the Blackberry to the Linux box, and tell the Linux box to connect it to the iSeries.

On my Unix machine, I can type:

     ssh -L 8023:192.168.5.4:23 unixbox.example.com

What that does is SSH me into the Unix box and create a tunnel that goes from my local port 8023 to my iSeries (which is IP address 192.168.5.4) on port 23.
[
Now I can point my TN5250 client to port 8023 on my local machine, and it'll use the SSH tunnel to connect to my iSeries.


In either case, the traffic is encrypted. Now, I'm not familiar with blackberry or what software is available for it, so I can't help much with that end of the connection. I suspect that our TN5250 client could be ported to it relatively easily if you're familiar with C programming for the blackberry.

Your solution of running the Curses version of TN5250 on the Linux box would also work, but again, the keyboard would be screwy.


This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].