On Fri, 21 Sep 2001, James Rich wrote:
> >
> > Has anyone out there set up the Linux tn5250 to connect to their AS/400
> > using SSL?
> >
> > I realize, of course, that tn5250 doesn't have SSL support, but there
> > are many SSL-proxy products out there... Has anyone been able to make
> > tn5250 work through one of them? If so, I'd very much appreciate any
> > information you can give me.
>
> I have tried to set up an ssh tunnel between my laptop and our linux
> firewall, but no luck. That is the closest I've come to something like
> what you are talking about.
Hmmmm.... this surprises me. I would've expected an SSH tunnel to work
quite well, though I have to admit that I haven't tried that at this
point.
> > If not -- I was considering creating a module for tn5250 that works in
> > conjunction with OpenSSL. is anyone else interested in such a feature?
>
> I would definately be interested. Hmm... Can it be set to work with a
> linux firewall handling the ssl part and forwarding the unencrypted
> results to the as/400? I have some clients who can't afford an upgrade to
> OS/400 but would like secure 5250 over the 'net.
>
It seems to me that a Linux firewall with an SSL tunnelling server/proxy
type of thing should work just as well... I guess I'd have to check out
the particular SSL tunnel or proxy that you're running on your firewall
to know for sure.
It seems to me that as long as the certificates are traded successfully,
and encryption/decryption works, it shouldn't make too much difference
whether the client is doing the SSL, or whether a proxy is doing it...
But, that's just me applying logic -- not experience :(
_______________________________________________
This is the Linux 5250 Development Project (LINUX5250) mailing list
To post a message email: [EMAIL PROTECTED]
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/linux5250
or email: [EMAIL PROTECTED]
Before posting, please take a moment to review the archives
at http://archive.midrange.com/linux5250.
