ADSM-L

Re: client schedule security question

1997-04-03 17:30:33
From: Steven P Roder <tkssteve AT ACSU.BUFFALO DOT EDU>
Date: Thu, 3 Apr 1997 17:30:33 -0500
On Thu, 3 Apr 1997, Tom Denier wrote:
> > I think you are mistaken.  The clear text password never leaves the server
> > or the client.  Perhaps someone from ADSM development can jump in here and
> > clearly explain how the negotiation works.
>
> You have missed the point of my note entirely. In some environments the
> password will pass over the network in clear text before the administrative
> client code ever sees it. For example, I interact with the various AIX
> systems at my site by means of an X terminal on my desk. If I open a
> terminal emulator window, execute the dsmadmc command, and respond to
> the password prompt, the X terminal will send information about each
> keystroke I type over the network with no encryption. Many of my
> co-workers use telnet clients running on PCs to interact with AIX.
> If one of them establishes a telnet session with AIX, executes the
> dsmadmc command, and responds to the password prompt, the telnet
> client will send everything typed over the network with no
> encryption.

Sorry, I see your point.  However, that is not a failing of ADSM, but of
your use of it.  We use ssh here, which can encrypt remote X sessions.

Steve (unVMix Systems Programmer/Dude) Roder
(tkssteve AT ubvm.cc.buffalo DOT edu | tkssteve AT acsu.buffalo DOT edu |
 (716)645-3564 | http://ubvm.cc.buffalo.edu/~tkssteve)