[an error occurred while processing this directive]

HP OpenVMS Systems Documentation
Content starts here >

Compaq TCP/IP Services for OpenVMS
Release Notes

Previous Contents

1.5.2.2 TELNET Command Descriptions

This section describes the TELNET/AUTHENTICATE command.

TELNET/AUTHENTICATE

Qualifiers

/AUTHENTICATE

Optional. Default: None.

Specifies that you want the TELNET session to use Kerberos features.

Note
The /AUTHENTICATE qualifier also can be used with the TELNET commands OPEN and CONNECT.

/FORWARD

/NOFORWARD

Optional. Default: /NOFORWARD.

Forwards a copy of your Kerberos tickets to the remote host. The /NOFORWARD qualifier overrides any forwarding specified in your machine's configuration files. You must request forwardable tickets at the same time that you issue the KINIT command.

You must use the /AUTHENTICATE qualifier when you specify the /FORWARD qualifier.

/REALM=realm-name

Optional.

Requests Kerberos tickets for the remote host in the specified realm, instead of determining the realm itself.

You must use the /AUTHENTICATE qualifier when you specify the /REALM qualifier.

Examples

#1 

$ TELNET/AUTHENTICATE/REALM=jet.mbs.com terse 
 
%TELNET-I-TRYING, Trying ... 15.21.308.11 
%TELNET-I-SESSION, Session 01, host terse, port 23 
%TELNET-I-ESCAPE, Escape character is ^] 
        terse.ucx.ttg.mbs.com

This example logs in to system terse with Kerberos credentials.

#2 

$ TELNET/AUTHENTICATE/FORWARD terse 
 
%TELNET-I-TRYING, Trying ... 15.21.308.11 
%TELNET-I-SESSION, Session 01, host terse, port 23 
%TELNET-I-ESCAPE, Escape character is ^] 
[Kerberos V5 accepts you as ''j_brown@terse.mbs.com'' ] 
[Kerberos V5 accepted forwarded credentials ]

This example forwards credentials to host terse for user j_brown .

1.5.3 Configuring the Kerberos TELNET Server

This version of TCP/IP Services supports a separate Kerberos TELNET server, in addition to the standard TCP/IP TELNET server.

The Kerberos TELNET server has the same major features as the TCP/IP Services TELNET server. However, there are minor differences between the two servers. For example, although the TELNET server supports IPv6 connections, the Kerberos TELNET server supports only the IPv4 protocol for communication with the Kerberos Key Distribution Center (KDC).

The TELNET server with Kerberos support is enabled by running the TCPIP$CONFIG.COM command procedure, as described in the Compaq TCP/IP Services for OpenVMS Installation and Configuration guide.

If the TELNET server is currently enabled and you want to support Kerberos, you must disable the TELNET service before you install this version of TCP/IP Services to ensure that the required TCPIP$TELNET user account and directory are created.

Note
Because the TELNET server will be stopped, do not use a TELNET connection to perform the following procedure.

To disable the Kerberos TELNET server, perform the following steps:

  1. Invoke the TCPIP$CONFIG command procedure by entering the following command from a user account with system management privileges: 


    $ @SYS$MANAGER:TCPIP$CONFIG.COM
  2. On the Configuration menu, select the Client components option.
  3. From the list of client components, select TELNET .
  4. On the TELNET Configuration menu, select Disable & Stop service on this node .
  5. Return to the Configuration menu.

For instructions on how to enable the Kerberos TELNET server, refer to the Compaq TCP/IP Services for OpenVMS Installation and Configuration manual.

1.5.3.1 Connecting to the Kerberos TELNET Server

The Kerberos TELNET server uses port 2323. Specify this port on the TELNET command line. For example: 


$ TELNET/AUTHENTICATE terse.mbs.com /PORT=2323 
 
%TELNET-I-TRYING, Trying ... 17.21.205.153 
%TELNET-I-SESSION, Session 01, host terse.mbs.com, port 2323 
-TELNET-I-ESCAPE, Escape character is ^] 
 
 Welcome to OpenVMS (TM) Alpha Operating System, Version V7.3 
 
Username:

1.6 Configuring Subsystem Attributes

TCP/IP Services supports UNIX subsystems and allows you to modify the attributes of those subsystems to change the way the TCP/IP Services software operates.

Subsystem configuration is provided for compatibility with Compaq Tru64 UNIX. Compaq strongly advises you not to modify the attributes associated with subsystems except when the adjustment of an attribute is indicated (for example, to improve performance). In most cases, corresponding TCP/IP management commands are provided to help limit the side effects of modifying subsystem attributes.

The following sections describe how to display and modify the settings of the subsystem attributes. Modifying subsystem attributes without full knowledge of possible effects can cause unpredictable results and is recommended only as specifically directed by Compaq.

1.6.1 Displaying Subsystem Attributes and Values

You can use the sysconfig -m command to display static and dynamic subsystems, as follows: 


$ TCPIP 
TCPIP> sysconfig -m 
cm: static 
inet: static 
iptunnel: static 
ipv6: static 
net: static 
snmpinfo: static 
socket: static 
inetkvci: static 
proxy: static 
nfs: static 
vfs: static

Depending on the configuration of your system, the list of subsystems displayed may differ from this example. There are two types of subsystems:

  • Static subsystems are loaded at startup time and can be unloaded only when TCP/IP shuts down.
  • Dynamic subsystems can be loaded and unloaded at will without shutting down and restarting TCP/IP Services.

Subsystems can be loaded but not available for use. To determine which subsystems are loaded, use the sysconfig -s command. This command displays the state of all subsystems. Subsystems can have the following states:

  • Loaded and configured (available for use)
  • Loaded and unconfigured (not available for use)
    This state applies only to static subsystems, which you can unconfigure, but you cannot unload.
  • Unloaded (not available for use)
    This state applies only to loadable subsystems, which are automatically unloaded when you unconfigure them.

You can modify subsystem attributes at runtime, a change that will persist only as long as the system continues to run, or you can modify them in the system configuration table, preserving the changes through system reboots.

The persistence of a modified attribute value depends on the command or utility option you use, according to the following guidelines:

  • For permanent modifications that persist across reboots, use the sysconfigdb utility, as described in Section 1.6.2.
  • For temporary modifications that will not persist across reboots, use the sysconfig -r command as described in Section 1.6.3.

1.6.2 Modifying Subsystem Attributes in the System Configuration Table

To modify subsystem attributes so that changes persist across reboots, you must store the attribute's value in the system configuration table (TCPIP$ETC:SYSCONFIGTAB.DAT). This file is an ASCII text file, and is formatted in UNIX stanza file format. When a subsystem is loaded, the attributes that are not listed in the SYSCONFIGTAB.DAT file are set to their default values.

To modify subsystem attributes in the SYSCONFIGTAB.DAT file, follow these steps:

  1. Create a stanza file as input to the procedure, as described in Section 1.6.2.1.
  2. Use the sysconfigdb utility to update the system configuration table, as described in Section 1.6.2.2.
  3. Reload the subsystem. A dynamic subsystem can be unloaded and reloaded using the sysconfig utility. A static subsystem is reloaded when the TCP/IP Services software is restarted.

Although you can edit the SYSCONFIGTAB.DAT file with any text editor, this practice is strongly discouraged. Syntax errors introduced when you edit the file can result in erroneous or unpredictable situations. Compaq recommends that you use the sysconfig utility to display the system configuration table and the sysconfigdb utility to modify its contents.

1.6.2.1 Creating a Stanza File

To add, update, or remove entries in the database, create a stanza file that contains the names and values for attributes that you want to modify.

The syntax for a stanza file entry is as follows: 


entry-name: 
       Attribute1-name = Attribute1-value
       Attribute2-name = Attribute2-value
       Attribute3-name = Attribute3-value1, Attribute3-value2
       .
       .
       .

The entry-name variable specifies the subsystem name.

The attributes for the subsystem are specified with the Attribute1-name, Attribute2-name, and Attribute3-name variables.

The values for the attributes are specified with the Attribute1-value, Attribute2-value, Attribute3-value1, and Attribute3-value2 variables.

The stanza file syntax rules are as follows:

  • Separate entries by one or more blank lines.
  • A colon (:) terminates an entry name.
  • A new line terminates an attribute name and value pair.
  • Separate a attribute name and attribute value with an equals sign (=).
  • Separate more than one attribute value with a comma (,).
  • Entry names and attribute names can contain any printable character except spaces, new lines, and special characters, which must be specified appropriately.
  • Entry attribute values can contain any printable character except new lines and special characters, which must be specified appropriately.
  • Spaces and tabs are allowed at the beginning and at the end of lines.
  • A pound sign (#) at the beginning of a line indicates a comment.
  • Comments should be included only at the beginning or the end of an entry.

Several special quoting characters allow attribute values to contain special values and data representations. If you specify a quoting character, surround the attribute value with quotation marks. For example, to specify an octal value, use the backslash character: 


\007

The TCPIP$ETC:SYSCONFIGTAB.DAT file is formatted as follows: 


inet: 
        inet_param1=inet_value1
        inet_param2=inet_value2
 
net: 
        net_param1=net_value1
        net_param2=net_value2
 
proxy: 
        proxy_param1=proxy_value1
 
socket: 
        socket_param1=socket_value1

To modify a subsystem attribute, create a stanza file in your own directory. In the following example, the stanza file is named SOCKET_ATTRS.TXT. 


$ TYPE SOCKET_ATTRS.TXT 
 
socket: 
         socket_param1 = socket_value1
$

1.6.2.2 Updating the System Configuration Table

After you create the stanza file, update the system configuration table using the sysconfigdb utility. To run the sysconfigdb utility, enter the following commands: 


$ TCPIP 
TCPIP> sysconfigdb

For information about using the sysconfigdb utility, refer to the command description in these release notes.

To update the system configuration table, use the sysconfigdb command with the -a option. Specify the stanza file on the command line using the -f option, as follows: 


TCPIP> sysconfigdb -a -f stanza-filename subsystem

In this command line, stanza-filename is the file name of the stanza file that you created. The value for subsystem is the subsystem name for which you are changing an attribute.

The sysconfigdb command reads the specified file and updates the database. The modifications are made to the subsystem when it is reloaded.

For example, the following stanza file (TABLE_MGR.STANZA) defines the attributes for two subsystems, TABLE_MGR_1 and TBL_MGR_2. 


$ TYPE TABLE_MGR.STANZA 
 
table_mgr_1: 
            size = 10 
            name = Ten-Element-Table 
tbl_mgr_2: 
            size = 5 
            name = Five-Element-Table 
 
$
>sysconfig

Maintains the subsystem configuration.

Format

sysconfig -c | -d | -m | -q | -Q | -r | -s | -u [subsystem-name] [attribute-list]

description

The sysconfig command queries and modifies the in-memory subsystem configuration. Use this command to add subsystems, reconfigure subsystems that are already in memory, query subsystems, and unconfigure and remove subsystems.

The sysconfig utility allows you to modify the value of subsystem attributes, as long as the subsystem supports run-time modifications.

When you configure a subsystem using the -c flag, you make that subsystem available for use. If the subsystem is loadable, the sysconfig command loads the subsystem and then initializes the value of its attributes.

To modify the value of a subsystem attribute, use the -r (reconfigure) flag. Specify the subsystem attributes and values on the command line. The sysconfig utility modifies the named attributes by storing the value you specify in them. The modifications take effect immediately.

To get information about subsystem attributes, use either the -q flag or the -Q flag. You can specify an attribute list with both these flags. When you use the -q flag, the sysconfig command displays the value of attributes from the in-memory system configuration table. When you use the -Q flag, the sysconfig utility displays the following information about each attribute you specify in the attribute list or, if you omit the attribute list, every attribute for the specified subsystem.

  • Attribute datatype.
  • Operations supported by the attribute. For example, this information indicates whether you can reconfigure the attribute using the sysconfig -r command.
  • Minimum and maximum allowed attribute values.

To get information about the state of subsystems, use the -s flag. This flag provides a list of the subsystems that are currently loaded and configured. If you specify subsystem-name, the command displays information about the state of that subsystem. Each subsystem can have one of three states:

  • Loaded and configured (available for use)
  • Loaded and unconfigured (not available for use but still loaded)
    This state applies only to static subsystems, which can be unconfigured but cannot be unloaded.
  • Unloaded (not available for use)
    This state applies only to loadable subsystems, which are automatically unloaded when you unconfigure them with the sysconfig -u command.

Subsystems that are not being used can be unconfigured using the -u flag. Unconfiguring subsystems can free up kernel memory, making it available for other uses. You can unconfigure any static or loadable subsystem that supports run-time unconfiguration. If you unconfigure a loadable subsystem, that subsystem is also unloaded from the kernel.

You can use the sysconfig command to display the value of attributes on the local system. If you want to configure, reconfigure, or unconfigure a subsystem, you must be authorized to modify the kernel configuration. Only users who have a system group UIC or who have an account with SYSPRV, BYPASS, or OPER privilege can configure, reconfigure, or unconfigure the subsystems.

Parameters

subsystem-name

Specifies the subsystem on which you want to perform the operation. The subsystem-name argument is required for all flags except -s and -m . If you omit subsystem-name when you use the -s or -m flag, the sysconfig utility displays information about all loaded subsystems.

attribute-list

Specifies attribute names and, depending on the operation, attribute values.
  • For reconfigure ( -r ) operations, the attribute-list argument has the following format: 


    attribute1=value1 attribute2=value2...

    Do not include spaces between the attribute name, the equals sign (=), and the value.
  • For query attribute ( -q ) operations, the attribute-list argument has the following format: 


    attribute1 attribute2...

The attribute-list argument is required when you use the -r flag and is optional with the -q flag. Any attribute list specified with other flags is ignored by the sysconfig utility.

Flags

-c

Configures the specified subsystem by initializing its attribute values and, possibly, loading it into memory. Use this command whether you are configuring a newly installed subsystem or one that was removed using the sysconfig -u command option.

-d

Displays the attribute settings in the SYSCONFIGTAB.DAT file for the specified subsystem.

-m

Queries the mode for the specified subsystems. A subsystem's mode can be static or dynamic. If you omit the subsystem name, sysconfig displays the mode of all the configured subsystems.

-q

Queries attribute values for the configured subsystem specified by subsystem-name. If you omit the attribute list, values for all the specified subsystem's attributes are displayed.

-Q

Queries information about attributes of the configured subsystem specified by subsystem-name . The information includes the attribute data type, the operations supported, and the minimum and maximum values allowed for the attribute. Note that the minimum and maximum values refer to length and size for attributes of char and binary types, respectively. If you omit the attribute-list argument, information about all attributes in the specified subsystem is displayed.

-r

Reconfigures the specified subsystem. You must supply the subsystem name and the attribute list when you use this flag.

-s

Queries the subsystem state for the specified subsystems. If you omit the subsystem name, sysconfig displays the state of all the configured subsystems.

-u

Unconfigures and, if the subsystem is loadable, unloads the specified subsystem from the kernel.

Examples

The following examples show how to use the sysconfig command.
#1 

TCPIP> sysconfig -s 
inet: loaded and configured 
net: loaded and configured 
socket: loaded and configured 
iptunnel: loaded and configured 
ipv6: loaded and configured 
snmpinfo: loaded and configured

This example shows how to display the subsystems and their status.

#2 

TCPIP> sysconfig -q net 
net: 
ifnet_debug = 0 
ifqmaxlen = 1024 
lo_devs = 1 
lo_def_ip_mtu = 4096 
nslip = 0

This example shows how to display subsystem attributes and their values.

#3 

TCPIP> sysconfig -s net 
net: loaded and configured

This example shows how to query the state of a particular subsystem.

Previous Next Contents