ibm-information-center/dist/eclipse/plugins/i5OS.ic.ddp_5.4.0.1/rbal1clearpass.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Considerations for certain passwords being sent as clear text" />
<meta name="abstract" content="Although iSeries supports the encryption of connection passwords, one of the connection security options you can specify in setting up an RDB directory entry is *USRIDPWD." />
<meta name="description" content="Although iSeries supports the encryption of connection passwords, one of the connection security options you can specify in setting up an RDB directory entry is *USRIDPWD." />
<meta name="DC.Relation" scheme="URI" content="rbal1elementsusetcp.htm" />
<meta name="DC.Relation" scheme="URI" content="rbal1workwith.htm" />
<meta name="DC.Relation" scheme="URI" content="../db2/rbafzmstsetep.htm" />
<meta name="DC.Relation" scheme="URI" content="rbal1ipsecddm.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rbal1clearpass" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Considerations for certain passwords being sent as clear text</title>
</head>
<body id="rbal1clearpass"><a name="rbal1clearpass"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Considerations for certain passwords being sent as clear text</h1>
<div><p>Although <span class="keyword">iSeries™</span> supports
the encryption of connection passwords, one of the connection security options
you can specify in setting up an RDB directory entry is *USRIDPWD.</p>
<p>See the <span class="cmdname">Add Relational Database Directory Entry</span> command
and the <span class="cmdname">Change Relational Database Directory Entry</span> command
in Work with the relational database directory for more information.</p>
<p>If the server to which the connection is made allows the *USRIDPWD security
option, the connection password can flow unencrypted. In V5R3, the SQL SET
ENCRYPTION PASSWORD statement and the ENCRYPT function can also cause passwords
to flow over the network unencrypted. Currently, there are two possible solutions
for encrypting datastreams. One is to use IPSec. As the other possibility,
if you are using an AR that supports SSL, you can use that protocol to encrypt
data transmitted to and from an <span class="keyword">iSeries</span> AS.</p>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rbal1elementsusetcp.htm" title="DDM and DRDA over native TCP/IP does not use i5/OS communications security services and concepts such as communications devices, modes, secure location attributes, and conversation security levels which are associated with Advanced Program-to-Program Communication (APPC). Therefore, security setup for TCP/IP is quite different.">Elements of security in a TCP/IP network</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rbal1ipsecddm.htm" title="Internet Protocol Security Architecture (IPSec) is a security protocol in the network layer that provides cryptographic security services. These services support confidential delivery of data over the Internet or intranets.">Internet Protocol Security Architecture for DDM and DRDA</a></div>
</div>
<div class="relref"><strong>Related reference</strong><br />
<div><a href="rbal1workwith.htm" title="Use these instructions to work with the relational database directory.">Work with the relational database directory</a></div>
<div><a href="../db2/rbafzmstsetep.htm">SET ENCRYPTION PASSWORD statement</a></div>
</div>
</div>
</body>
</html>
Add readme and dist folders 2024-04-02 14:02:31 +00:00			`<?xml version="1.0" encoding="UTF-8"?>`
			`<!DOCTYPE html`
			`PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html lang="en-us" xml:lang="en-us">`
			`<head>`
			`<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />`
			`<meta name="security" content="public" />`
			`<meta name="Robots" content="index,follow" />`
			`<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />`
			`<meta name="DC.Type" content="concept" />`
			`<meta name="DC.Title" content="Considerations for certain passwords being sent as clear text" />`
			`<meta name="abstract" content="Although iSeries supports the encryption of connection passwords, one of the connection security options you can specify in setting up an RDB directory entry is *USRIDPWD." />`
			`<meta name="description" content="Although iSeries supports the encryption of connection passwords, one of the connection security options you can specify in setting up an RDB directory entry is *USRIDPWD." />`
			`<meta name="DC.Relation" scheme="URI" content="rbal1elementsusetcp.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="rbal1workwith.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="../db2/rbafzmstsetep.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="rbal1ipsecddm.htm" />`
			`<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />`
			`<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />`
			`<meta name="DC.Format" content="XHTML" />`
			`<meta name="DC.Identifier" content="rbal1clearpass" />`
			`<meta name="DC.Language" content="en-us" />`
			`<!-- All rights reserved. Licensed Materials Property of IBM -->`
			`<!-- US Government Users Restricted Rights -->`
			`<!-- Use, duplication or disclosure restricted by -->`
			`<!-- GSA ADP Schedule Contract with IBM Corp. -->`
			`<link rel="stylesheet" type="text/css" href="./ibmdita.css" />`
			`<link rel="stylesheet" type="text/css" href="./ic.css" />`
			`<title>Considerations for certain passwords being sent as clear text</title>`
			`</head>`
			`<body id="rbal1clearpass"><a name="rbal1clearpass"><!-- --></a>`
			`<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>`
			`<h1 class="topictitle1">Considerations for certain passwords being sent as clear text</h1>`
			`<div><p>Although <span class="keyword">iSeries™</span> supports`
			`the encryption of connection passwords, one of the connection security options`
			`you can specify in setting up an RDB directory entry is *USRIDPWD.</p>`
			`<p>See the <span class="cmdname">Add Relational Database Directory Entry</span> command`
			`and the <span class="cmdname">Change Relational Database Directory Entry</span> command`
			`in Work with the relational database directory for more information.</p>`
			`<p>If the server to which the connection is made allows the *USRIDPWD security`
			`option, the connection password can flow unencrypted. In V5R3, the SQL SET`
			`ENCRYPTION PASSWORD statement and the ENCRYPT function can also cause passwords`
			`to flow over the network unencrypted. Currently, there are two possible solutions`
			`for encrypting datastreams. One is to use IPSec. As the other possibility,`
			`if you are using an AR that supports SSL, you can use that protocol to encrypt`
			`data transmitted to and from an <span class="keyword">iSeries</span> AS.</p>`
			`</div>`
			`<div>`
			`<div class="familylinks">`
			`<div class="parentlink"><strong>Parent topic:</strong> <a href="rbal1elementsusetcp.htm" title="DDM and DRDA over native TCP/IP does not use i5/OS communications security services and concepts such as communications devices, modes, secure location attributes, and conversation security levels which are associated with Advanced Program-to-Program Communication (APPC). Therefore, security setup for TCP/IP is quite different.">Elements of security in a TCP/IP network</a></div>`
			`</div>`
			`<div class="relconcepts"><strong>Related concepts</strong><br />`
			`<div><a href="rbal1ipsecddm.htm" title="Internet Protocol Security Architecture (IPSec) is a security protocol in the network layer that provides cryptographic security services. These services support confidential delivery of data over the Internet or intranets.">Internet Protocol Security Architecture for DDM and DRDA</a></div>`
			`</div>`
			`<div class="relref"><strong>Related reference</strong><br />`
			`<div><a href="rbal1workwith.htm" title="Use these instructions to work with the relational database directory.">Work with the relational database directory</a></div>`
			`<div><a href="../db2/rbafzmstsetep.htm">SET ENCRYPTION PASSWORD statement</a></div>`
			`</div>`
			`</div>`
			`</body>`
			`</html>`