|
Re: Clear text passwords. Was: Automating dsmserv
2003-05-27 23:35:37
The DBAs I work with put a large number of spaces between the userid and
password arguments in their scripts.
That way the ps command cuts its output before the password is displayed.
(Probably easy to work around, but I haven't tried yet.)
RC
----- Original Message -----
From: "Justin Bleistein" <justin.bleistein AT SUNGARD DOT COM>
To: <ADSM-L AT VM.MARIST DOT EDU>
Sent: Tuesday, May 27, 2003 12:24 PM
Subject: Re: Clear text passwords. Was: Automating dsmserv
> any alternatives to running: "dsmserv" via batch mode with the:
>
> dsmadmc -id=login -pass=password syntax...
>
> I mean it's passwords in clear text so all someone has to do is cat that
> file and your exposed... Any ideas on how to automate the client-server
> interface (dsmadmc) without displaying the password anywhere?. Thanks!.
>
> --Justin Richard Bleistein
> Unix/TSM Systems Administrator (Sungard eSourcing)
> Desk: (856) 566 - 3485
> Cell: (856) 912 - 0861
> Email: justin.bleistein AT sungard DOT com
>
>
>
> "Stapleton, Mark"
> <stapleto@BERBEE. To:
ADSM-L AT VM.MARIST DOT EDU
> COM> cc:
> Sent by: "ADSM: Subject: Re: Clear text
passwords. Was: Automating dsmserv
> Dist Stor
> Manager"
> <[email protected]
> .EDU>
>
>
> 05/27/2003 12:08
> PM
> Please respond to
> "ADSM: Dist Stor
> Manager"
>
>
>
>
>
>
> From: Thomas A. La Porte [mailto:tlaporte AT ANIM.DREAMWORKS DOT COM]
> > Since this topic of clear text passwords has arisen, I wonder if
> > anybody knows whether or not there is/are any outstanding
> > requirements or enhancement requests for Kerberos support within
> > TSM. This would be handy both in the situation discussed below,
> > and for general administrative and node access to the server.
> >
> > If there isn't an outstanding request, I'll probably go ahead and
> > ask that one be made.
>
> One of the nice things about how Tivoli has handled TSM is that the
> authentication system is *exactly* the same, no matter what the server
> and client OS platforms may be. The same can be said for the interfaces
> and the way administration is performed. Inserting something like
> Kerberos into the mix would mean you'd have to make it work for all
> platforms that the TSM server supports--including MVS, OS/400, and
> <shudder> Windows.
>
> There are ways of scripting TSM tasks that can sidestep the clear text
> stuff, much the same as the ways you script FTP sessions without putting
> passwords where users can gefingerpoken.
>
> --
> Mark Stapleton (mark.stapleton AT berbee DOT com)
> Berbee Information Networks
> Office 262.521.5627
|
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Clear text passwords. Was: Automating dsmserv, Leonard Lauria
- Re: Clear text passwords. Was: Automating dsmserv, Stapleton, Mark
- Re: Clear text passwords. Was: Automating dsmserv, Richard Sims
- Re: Clear text passwords. Was: Automating dsmserv, Justin Bleistein
- Re: Clear text passwords. Was: Automating dsmserv,
Robert Clark <=
- Re: Clear text passwords. Was: Automating dsmserv, Remeta, Mark
- Re: Clear text passwords. Was: Automating dsmserv, Stephen E. Bacher
- Re: Clear text passwords. Was: Automating dsmserv, Prather, Wanda
- Re: Clear text passwords. Was: Automating dsmserv, Thomas Denier
- Re: Clear text passwords. Was: Automating dsmserv, Justin Bleistein
- Re: Clear text passwords. Was: Automating dsmserv, Justin Bleistein
- Re: Clear text passwords. Was: Automating dsmserv, Tom Kauffman
- Re: Clear text passwords. Was: Automating dsmserv, Alex Paschal
|
|
|
