The Split Personality of OS/400: Difference between revisions

From Try-AS/400
Jump to navigation Jump to search
m (PoC moved page The split personality of OS/400 to The Split Personality of OS/400 without leaving a redirect: Nicer Caps)
 
(Where)
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
'''The split personality of OS/400''' is a somewhat exaggerated short statement that OS/400 implements an UNIX-Shell since early versions. This ''qsh'' provides a limited runtime environment borrowed from AIX. There are some basic UNIX tools available, like ''ls'', ''find'' and so on.
'''The split personality of OS/400''' is a somewhat exaggerated short statement that OS/400 implements an UNIX-Shell since early versions. This ''qsh'' provides a limited runtime environment borrowed from AIX. There are some basic UNIX tools available, like ''ls'', ''find'' and so on.


This limited shell can be expanded to a more sophisticated environment thru the installation of [[wikipedia:IBM_i#PASE|PASE]]. With this installation also comes a ''ssh''-Server. This leads to to a funny side effect:
This limited shell can be expanded to a more sophisticated environment thru the installation of [[wikipedia:IBM_i#PASE|PASE]]. With this installation also comes a ''ssh''-Server on newer OS releases. This leads to to a funny side effect:
* When you ''telnet'' to an AS/400, you get the classic AS/400 signon screen with the classic menu- and forms-driven environment,
* When you ''telnet'' to an AS/400, you get the classic AS/400 signon screen with the classic menu- and forms-driven environment,
* When you ''ssh'' to an AS/400 you will be directed to an UNIX shell, within the PASE environment.
* When you ''ssh'' to an AS/400 you will be directed to an UNIX shell, within the PASE environment.


== Security implications ==
== Security implications ==
While the classical side of OS/400 (and z/OS) implement many security-enhancing measures which make it difficult to exploit a properly installed and configured machine, the more and more prevalent availability of PASE (and it's z/OS equivalent) with a multitude of available [[wikipedia:Open-source_software|OSS]] tools expose an increasing surface for threats.
While the classical side of OS/400 (and z/OS) implement many security-enhancing measures that make it difficult to exploit a properly installed and configured machine, the more and more prevalent availability of PASE (and it's z/OS equivalent) with a multitude of available [[wikipedia:Open-source_software|OSS]] tools expose an increasing surface for threats.
 
[[Category: Basic Knowledge]]
[[Category: Musings]]

Latest revision as of 09:24, 11 May 2023

The split personality of OS/400 is a somewhat exaggerated short statement that OS/400 implements an UNIX-Shell since early versions. This qsh provides a limited runtime environment borrowed from AIX. There are some basic UNIX tools available, like ls, find and so on.

This limited shell can be expanded to a more sophisticated environment thru the installation of PASE. With this installation also comes a ssh-Server on newer OS releases. This leads to to a funny side effect:

  • When you telnet to an AS/400, you get the classic AS/400 signon screen with the classic menu- and forms-driven environment,
  • When you ssh to an AS/400 you will be directed to an UNIX shell, within the PASE environment.

Security implications

While the classical side of OS/400 (and z/OS) implement many security-enhancing measures that make it difficult to exploit a properly installed and configured machine, the more and more prevalent availability of PASE (and it's z/OS equivalent) with a multitude of available OSS tools expose an increasing surface for threats.