On Tue, Jan 9, 2024, at 5:18 PM, Jon Perryman wrote: > > You may wonder why you might need -R. The SSH command exposes identification > (e.g. userid & password). -L exposes a z/OS userid & password on each TN3270 > computer which is not easily protected. -R exposes Unix/Windows > userid/password on z/OS where you can fully protect them in 1 location and > easily restrict access. > > I used TN3270 as an example that is familiar to everyone in this group. But > this holds true for all TCP connections. Some exceptions may apply but it's > unlikely most people will be in those situations. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN >
Exposes how? Do you mean that traffic on one socket across the loopback adapter can be seen by something other than the processes on the ends of the socket or a privileged process? Kirk Wolf Dovetailed Technologies http:// <http://dovetail.com>coztoolkit.com ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN