ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Clear text passwords. Was: Automating dsmserv

2003-05-27 17:59:16
Subject: Re: Clear text passwords. Was: Automating dsmserv
From: Alex Paschal <AlexPaschal AT FREIGHTLINER DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Tue, 27 May 2003 14:58:45 -0700 
Actually, it doesn't show on AIX 5.2 or AIX 4.3.3.  I can't speak for any
other OS's or client levels.

Alex Paschal
Freightliner, LLC
(503) 745-6850 phone/vmail

alex /home/alex $ dsmadmc -id=myid -pa=mypass
Tivoli Storage Manager
Command Line Administrative Interface - Version 5, Release 1, Level 5.2
(C) Copyright IBM Corporation 1990, 2002 All Rights Reserved.

Session established with server CORPTSM: AIX-RS/6000
  Server Version 5, Release 1, Level 5.4
  Server date/time: 05/27/03   14:52:24  Last access: 05/27/03   14:48:43


tsm: CORPTSM>[1] + Stopped (SIGTSTP)        dsmadmc -id=reports -pa=reports
alex /home/alex $ ps -ef | grep dsm
    alex 24742 20888   0 14:54:06  pts/6  0:00 dsmadmc
    alex 33486 20888   2 14:54:10  pts/6  0:00 grep dsm
alex /home/alex $ fg
dsmadmc -id=reports -pa=reports
quit

ANS8002I Highest return code was 0.

alex /home/alex $ r ps
ps -ef | grep dsm
    alex 33488 20888   2 14:54:19  pts/6  0:00 grep dsm
alex /home/alex $

-----Original Message-----
From: Marcel J.E. Mol [mailto:marcel AT MESA DOT NL]
Sent: Tuesday, May 27, 2003 1:42 PM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: Re: Clear text passwords. Was: Automating dsmserv


On Tue, May 27, 2003 at 04:06:32PM -0400, Stephen E. Bacher wrote:
> Justin Bleistein <justin.bleistein AT sungard DOT com> wrote:
>
> >any alternatives to running: "dsmserv" via batch mode with the:
> >
> >dsmadmc -id=login -pass=password syntax...
> >
> >I mean it's passwords in clear text so all someone has to do is cat that
> >file and your exposed... Any ideas on how to automate the client-server
> >interface (dsmadmc) without displaying the password anywhere?. Thanks!.
>
> A slight improvement on security would be something like:
>
>  dsmadmc -id=login -pass=`cat /private/tsm/password.txt`

As a normal user on this system do "ps -ef | grep dsm" and you'll
see the result of `cat /private/tsm/password.txt` ...

-Marcel
--
     ======--------         Marcel J.E. Mol                MESA Consulting
B.V.
    =======---------        ph. +31-(0)6-54724868          P.O. Box 112
    =======---------        marcel AT mesa DOT nl                 2630 AC  
Nootdorp
__==== www.mesa.nl ---____U_n_i_x______I_n_t_e_r_n_e_t____ The Netherlands
____
 They couldn't think of a number,           Linux user 1148  --
counter.li.org
    so they gave me a name!  -- Rupert Hine  --  www.ruperthine.com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  sending mail to list, Yao, Judy
Next by Date:  Re: Question on defeating TSM strengths: due to budget constraints << solved, DFrance
Previous by Thread:  Re: Clear text passwords. Was: Automating dsmserv, Tom Kauffman
Next by Thread:  Re: Clear text passwords. Was: Automating dsmserv, Marcel J.E. Mol
Indexes:  [Date] [Thread] [Top] [All Lists]