On Wed, 20 Jan 2016 17:17:45 -0600, Kirk Wolf wrote:
>Hi Gil,
>
>I'm not sure I understand exactly what you are referring to?
>
Hmm... No other followups. After the Subject:
z/OS 2.2 3270 OMVS ssh masks passwords!
... and that's a good thing, at last. Always previously ssh and sftp
refused to work from a 3270/TSO/OMVS session. The most plausible
rationale was that they couldn't mask passwords as they were typed
-- a security exposure. The z/OS 2.2 Ported Tools now mask passwords
and allow ssh and sftp from a 3270.
I knew a circumvention. Running the "screen" utility from a 3270
ssh and sftp worked (but passwords were visible). I never reported
this, fearing that IBM would break "screen" rather than fixing ssh.
I had traced the behavior to what I suspected, tcsetattr(NOECHO)
which suppressed password display on a linemode terminal but
left it visible on a 3270. I reported this to IBM, submitting both
my C code using tcsetattr(NOECHO) and the shell command,
"stty -echo" which failed alike on a 3270 even though both work
on a line terminal. IBM changed "stty -echo" so it suppresses
passwords, but left tcsetattr() broken.
Yesterday, I dusted off my C testcase. Still broken. tcsetattr()
suppresses password display on a linemode terminal but leaves
it visible on a 3270. They might have fixed the problem at the
root; instead they trimmed the branch.
So Rocket Software cares about customers more than IBM does.
Which explains the citations on another list by regular contriutors
to this list:
http://www.theregister.co.uk/2016/01/19/ibm_revenues_down_again/
http://finance.yahoo.com/news/no-end-in-sight-for-ibm-decline-as-shares-near-six-year-low-141729837.html
>On Wed, Jan 20, 2016 at 5:14 PM, Paul Gilmartin wrote:
>
>> Really! At last!
-- gil
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
