> -----Original Message----- > From: IBM Mainframe Discussion List > [mailto:[EMAIL PROTECTED] On Behalf Of Hal Merritt > Sent: Tuesday, July 31, 2007 1:57 PM > To: IBM-MAIN@BAMA.UA.EDU > Subject: Re: PCI Compliance - Encryption of all non-console > administrative access. > > > I am probably not understanding how SSH works. I was under the > impression that you must first gain access via RACF and VTAM > (TCP/IP)before you can get to somewhere you can invoke SSH. > > Traffic via SSH is encrypted.
Depends. I can use ssh on my desktop to connect to a UNIX shell on my z/OS system. This entire traffic is encrypted. This does depend on TCPIP, of course, but TCPIP does not require RACF validation in order to connect to an application (such as the SSH daemon). On my desktop, I enter: ssh zos.ip.address -l RACFID I then get prompted to enter the password for RACFID. This traffic is all encrypted. -- John McKown Senior Systems Programmer HealthMarkets Keeping the Promise of Affordable Coverage Administrative Services Group Information Technology The information contained in this e-mail message may be privileged and/or confidential. It is for intended addressee(s) only. If you are not the intended recipient, you are hereby notified that any disclosure, reproduction, distribution or other use of this communication is strictly prohibited and could, in certain circumstances, be a criminal offense. If you have received this e-mail in error, please notify the sender by reply and delete this message without copying or disclosing it. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html