You can configure your Telnet server to use the Secure Sockets Layer (SSL) to secure Telnet communications sessions.
To configure your Telnet server to use SSL, you must use Digital
Certificate Manager (DCM) to configure the certificate for the
Telnet server to use. By default the Telnet server handles both secure and
non-secure connections. However, you can configure Telnet so that it allows
only secure Telnet sessions. Additionally, you can configure the Telnet server
to use digital certificates for stronger client authentication.
When you choose to use SSL with Telnet, you gain some strong
security benefits. For Telnet, besides server authentication, the data is
encrypted before any Telnet protocol data flows. Once the SSL session is established,
all Telnet protocols including user ID and password exchange, are encrypted.
The most important factor to consider when using the Telnet server is the sensitivity of the information that you use in a client session. If the information is sensitive or private, then you may find it beneficial to set up your iSeries™ Telnet server using SSL. When you configure a digital certificate for the Telnet application, the Telnet server is able to operate with both SSL and non-SSL clients. If your security policy requires that you always encrypt your Telnet sessions, you can disable all non-SSL Telnet sessions. When there is no need for you to use the SSL Telnet server, you can turn off the SSL port. You can disable the ports using the ADDTCPPORT command. Once you have turned off the port, the server provides non-SSL Telnet for the clients, and the SSL Telnet sessions are disabled.
To learn more about Telnet and about
security tips for Telnet with and without SSL, The IBM® Systems Software Information Center topic on Telnet provides the information that you need to use
Telnet on your iSeries server.