- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: Rexec on OpenVMS 7.3.2
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-03-2008 10:07 PM
тАО03-03-2008 10:07 PM
Rexec on OpenVMS 7.3.2
I would like to know by enabling REXEC service, do I have the options or how to restrict a particular IP and logon ID for client to access.
Appreciate your details explanation and help.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-03-2008 10:27 PM
тАО03-03-2008 10:27 PM
Re: Rexec on OpenVMS 7.3.2
$ TCPIP SET SERVICE REXEC/ACCEPT=x.y.z.w
regards Kalle
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-04-2008 02:04 AM
тАО03-04-2008 02:04 AM
Re: Rexec on OpenVMS 7.3.2
One-line questions are often surprisingly difficult to answer. What are you up to, and what are the details of the particular problem you're looking to solve? (I understand the direct question as did the previous poster, but there may be alternatives here that have not been considered.)
You could check credentials in SYLOGIN.COM, for instance.
Or use ssh and related.
Or use a web server and CGI.
Or...
As a general comment, the old-style r-tools such as rexec can be pretty leaky as network and data security goes, too.
Some background, please?
Stephen Hoffman
HoffmanLabs LLC
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-04-2008 02:24 AM
тАО03-04-2008 02:24 AM
Re: Rexec on OpenVMS 7.3.2
I wholeheartedly second Hoff's comment. Firewalls and TCP settings cannot (generally) discriminate by user, they are limited to discriminating by IP address.
Other methods involving validating the user once the connection is established can be more finely tuned. If trying to block access to remote users, blocking outside IP addresses is helpful, but a rogue office user could appear to come from a local IP address using a zombie program (or simply GOTOMYPC).
More information about the actual application requirement would perhaps make it possible to come up with a better suggestion as to how to accomplish the goal in a safe and secure way.
- Bob Gezelter, http://www.rlgsc.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-04-2008 06:16 PM
тАО03-04-2008 06:16 PM
Re: Rexec on OpenVMS 7.3.2
Firstly, thanks for your valuable information.
I have an environment whereby 2 system located differently with firewall, client running on linux and host running on openvms.
The main reason is the system on openvms doesn't have IP spoofing on the firewall and the concern as mentioned earlier someone could just breach in.
I am looking the best effort to protect the system by identifying logon and IP for REXEC on openvms.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-04-2008 06:55 PM
тАО03-04-2008 06:55 PM
Re: Rexec on OpenVMS 7.3.2
Have you considered the use of STUNNEL to provide a secure connection between the two systems?
- Bob Gezelter, http://www.rlgsc.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-04-2008 07:08 PM
тАО03-04-2008 07:08 PM
Re: Rexec on OpenVMS 7.3.2
I believed both end has to be SSL enabled. Correct me if I am wrong.
Currently, the openvms is not complient to SSL.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-05-2008 02:15 AM
тАО03-05-2008 02:15 AM
Re: Rexec on OpenVMS 7.3.2
OpenSSL and STUNNEL for OpenVMS are available via the HP OpenVMS www site at http://h71000.www7.hp.com/ebusiness/technology.html
A quick check of the SSL www pages leads one to the release notes and the pre-requisites, including OpenVMS 7.3-2. Please read the release notes as a starting point.
It goes without saying that when creating X.509 certificates for this purpose, I do not not recommend that clients use self-signed certificates for any purpose other than testing, and often not even that.
- Bob Gezelter, http://www.rlgsc.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-05-2008 11:22 AM
тАО03-05-2008 11:22 AM
Re: Rexec on OpenVMS 7.3.2
Try issuing the command "ssh -h" to see if it works. You may need to setup the server environments on both systems if that's not already been done. See the online docu for SSH here:
http://h71000.www7.hp.com/doc/732final/aa-rvbua-te/aa-rvbua-te.html
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-05-2008 12:21 PM
тАО03-05-2008 12:21 PM