Overview
The original TCP/IP telnet server program has a severe security flaw:
it uses the content of the environment variable
TELNET.PASSWORD.ID as the login password,
which can easily be viewed and/or modified within CONFIG.SYS.
You can replace the program responsible for this, namely TNLOGIN.EXE,
with LOGINUNX.EXE, which also comes with standard
TCP/IP. It uses the unix-style %etc%\passwd file, which at least allows
you to configure several telnet login accounts with a single password for each
account, but to create such a file you additionally need a port of the
unix program called passwd.
A big disadvantage of this approach is that everybody who is allowed to log in
via telnet can view and/or edit this file, because a user who is allowed to log in can
modify every file on the system, since there is no file system security on normal
OS/2 workstations.
While it may be difficult to use and/or modify an existing account, because the password
is encrypted, it is quite easy to add a new account by adding the appropriate data to the
passwd file.
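
The two weaknesses described above can be checked for on copies of the files taken from a workstation. The following Python script is an added example, not part of the UPMLOGIN package or of TCP/IP for OS/2; the sample file contents, the approved account list and the function names are constructed, and it assumes the account name is the first colon-separated field of each passwd line.

```python
# Added example: audit copies of CONFIG.SYS and the passwd file of a telnet host.
import re

# Constructed sample inputs (not taken from a real system).
SAMPLE_CONFIG_SYS = """\
REM constructed sample
SET ETC=C:\\MPTN\\ETC
set telnet.password.id=secret
REM SET TELNET.PASSWORD.ID=old
"""
SAMPLE_PASSWD = """\
admin:CONSTRUCTEDHASH1:0:0:Administrator:\\:CMD.EXE
guest:CONSTRUCTEDHASH2:100:100:Guest:\\HOME:CMD.EXE
extra:CONSTRUCTEDHASH3:0:0::\\:CMD.EXE
"""
APPROVED_ACCOUNTS = {"admin", "guest"}  # assumption: the known-good account list

# Matches an active (not REM'ed) SET statement, case-insensitively.
SET_RE = re.compile(r"^\s*SET\s+TELNET\.PASSWORD\.ID\s*=", re.IGNORECASE)

def find_env_password(config_sys_text):
    """Return line numbers of active SET TELNET.PASSWORD.ID= statements.
    Only line numbers are returned, so the password itself is never echoed."""
    return [n for n, line in enumerate(config_sys_text.splitlines(), 1)
            if SET_RE.match(line)]

def passwd_accounts(passwd_text):
    """Account names, assuming the name is the first ':'-separated field."""
    names = []
    for line in passwd_text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and ":" in line:
            names.append(line.split(":", 1)[0].lower())
    return names

def audit(config_sys_text, passwd_text, approved):
    """Report a plaintext telnet password and accounts outside the baseline."""
    names = passwd_accounts(passwd_text)
    return {
        "env_password_lines": find_env_password(config_sys_text),
        "unapproved_accounts": sorted(set(names) - {a.lower() for a in approved}),
        "duplicate_accounts": sorted({n for n in names if names.count(n) > 1}),
    }

if __name__ == "__main__":
    report = audit(SAMPLE_CONFIG_SYS, SAMPLE_PASSWD, APPROVED_ACCOUNTS)
    for key, value in report.items():
        print(f"{key}: {value}")
```
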
Other replacement programs for TNLOGIN.EXE even allow you to specify a startup
directory and an alternate command processor. For that they use a slightly
modified structure of the passwd file, but they all use the passwd file as a
security database.
Only recently has a TNLOGIN replacement like this UPMLOGIN package
been released that verifies userid/password combinations against the
OS/2 built-in local User Profile Management (UPM). This package is called
TnLogin 1.00 (TNLG100.ZIP) and was released by Dmitry Irtegov and
Konstantin Boyandin.
Its TNLOGIN.EXE replacement is already a big advance compared to the passwd approach.
You can configure user accounts and user groups within the UPM GUI, and
to be able to modify the security database, one needs to be an admin.
The UPMLOGIN package can do much more for you:
- you can restrict telnet login access to admins only.
- you can restrict telnet login access to members of a default TNLOGIN user group.
- you can restrict telnet login access to users who are members of at least one of a list of self-defined user groups.
- you can optionally verify all userid/password combinations against the LAN/WARP Server domain
of your workstation.
See configuration scenarios and the
readme file coming with the package for further details on how to set up
those restrictions within the local UPM.
Prerequisites
This program runs under OS/2 WARP V3.x or later.
In addition, it requires one of the following TCP/IP packages to be installed:
- IBM TCP/IP for OS/2 or the
- Internet Access Kit for OS/2
To get a local User Profile Management (UPM), you need to install one of
the following packages:
For OS/2 WARP 3 Connect:
For OS/2 WARP 4:
For all OS/2 versions:
- LAN/WARP Server Client for OS/2
Download current version
You can download the current version (ca 24.18 Kb) from the following sources: