Secured TELNET

645 pts.
How can I secure telnet so one cannot just telnet to our systm name and access a QPADEV* session? TIA

Software/Hardware used:
iSeries O/S V5R4M0

Answer Wiki

Thanks. We'll let you know when a new response is added.

The first thing I would do would be to set Public authority to *EXCLUDE. You can also look into exit programs. You can write you own or look into a commercial application.

This thread may help:

Also you can check :


We control access from our interactive subsystems. In QINTER, for example, we add workstation names that DO NOT begin with QPADEV*. So, if someone is not assigned a workstation name, they will not obtain a signon for our system.

Discuss This Question: 6  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Abigail
    What would you set to Public *EXCLUDE?
    645 pointsBadges:
  • TomLiotta
    Do you want to stop unauthorized telnet access from outside or do you simply want to block access to QPADEV* devices? The two are not totally synonymous. Unauthorized outside access can connect to devices other than QPADEV* devices. Tom
    125,585 pointsBadges:
  • Whatis23
    Total lock out to the command TELNET for login is to set to public *exclude.
    5,665 pointsBadges:
  • WoodEngineer
    We have had good success using the TELNET exit program provided by IBM, which can be found from the URL metnnioned by Teandy. It installed smoothly and is very secure.
    8,225 pointsBadges:
  • pdraebel
    If you now which IP adresses (ranges) are allowed access you cold use CFGTPC option 2 (Routes) and remove the *DFTROUTE and add only the IP ranges you want to allow access toyour iSeries. Doing that will cause you i not to reply to any requessts from IP's outside allowed ranges.
    7,545 pointsBadges:
  • Teandy
    Abigail wrote: What would you set to Public *EXCLUDE? On the command line, type WRKOBJ TELNET. On the next screen, take option 2. Then change *PUBLIC authority to *EXCLUDE.
                                Edit Object Authority                              
    Object . . . . . . . :   TELNET          Owner  . . . . . . . :   QSYS         
      Library  . . . . . :     QSYS          Primary group  . . . :   *NONE        
    Object type  . . . . :   *CMD            ASP device . . . . . :   *SYSBAS      
    Type changes to current authorities, press Enter.                              
      Object secured by authorization list  . . . . . . . . . . . .   *NONE        
    User        Group       Authority                                              
    *PUBLIC                 *EXCLUDE                                         
    You can also use EDTOBJAUT OBJ(TELNET) OBJTYPE(*CMD). Both commands eventually take you to the same screen.
    5,860 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: