× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. October 2024

Re: Inbound SSH allowed to be used with Code for i and other tools ?

Yep. I think I'm learning it's OK for dev systems, but perhaps not for production. At least not without proper security setup.

Or just start/end the daemon when transferring stuff. Although that could be painful.

Regards,
Richard Schoen
Web: http://www.richardschoen.net
Email: richard@xxxxxxxxxxxxxxxxx
------------------------------

message: 4
date: Wed, 30 Oct 2024 14:45:18 -0600
from: Charles Wilt <charles.wilt@xxxxxxxxx>
subject: Re: Inbound SSH allowed to be used with Code for i and other
tools ?

We allow it...from within our network ( including via VPN).

At least to our DEV system. I believe our prod boxes have it as I think some of the management tools in use need it.

Not really any different than SSL Telnet, and I'd be willing to bet at least some of the companies not wanting to allow it still use unsecured TELNET.

Generally, any open public port could be subject to a DOS attack of some sort.

Charles


On Wed, Oct 30, 2024 at 12:51?PM Richard Schoen <richard@xxxxxxxxxxxxxxxxx>
wrote:

Using SSH with IBM i.

How many of you work in businesses where you're allowing SSH to be
used with tools like VS Code ?

I'm hearing varying opinions because of potential security issues.

Was talking to a large insurance company yesterday and they asked best
way to secure SSH. Currently they don't allow it so RDI only tool
option for editing.

Also if allowing SSH, what's a good way to monitor SSH connections and
connection attempts ? (I know I've seen SSH be used for DOS attacks
before on public IBMi systems.)

Would be interesting to see Mapepire and/or codefori server morphed
into an appropriate server that wouldn't require an SSH connect.

I've done connectivity via jt400 in Java and .Net for years before we
had SSH.

I would love to hear your opinions as the hesitation because of system
compromise is real.

Regards,
Richard Schoen
Web: http://www.richardschoen.net<http://www.richardschoen.net/>
Email: richard@xxxxxxxxxxxxxxxxx<mailto:richard@xxxxxxxxxxxxxxxxx>

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.