UPMLOGIN V1.01

by Christian Langanke, 1999


Contents

Software overview
Short description
Overview
Prerequisites
Download current version
National Language Support


Short description

UPMLOGIN is a freeware program for use with the common IBM TCP/IP stacks for OS/2 up to TCP/IP version 4.0.
With this program, all telnet login attempts are verified against the local User Profile Management (UPM) security database or, if desired, against the security database of a LAN/WARP Server domain. The latter enables telnet login users to use their LAN/WARP Server logon password also for their telnet login.
More, you can restrict access to administrators or members of locally defined user groups and you can completely configure those restrictions via the UPM GUI !
Also included are welcome and login messages (motto of the day) and a logging feature for all login attempts.
[Top]

Overview

The original TCP/IP telnet server program has a severe security leak: it uses the content of the environment variable TELNET.PASSWORD.ID as the login password, wich can easily be viewed and/or modified within CONFIG.SYS.

You can replace the program responsible for this, namely TNLOGIN.EXE, by the LOGINUNX.EXE, which is also coming with standard TCP/IP. It uses the unix-style %etc%\passwd file, which allows at least to configure several telnet login accounts with a single password for each account, but to create such a file, you additionally need a port of the unix program called passwd.
A big disadvantage of this approach is, that everybody, who is allowed to login via telnet, can view and/or edit this file, because a user allowed to login can modify every file on the system, since there ist no file system security on normal OS/2 workstations. While it may be difficult to use and/or modify an existing account, because the password is encrypted, it is quite easy to add a new account by adding the appropriate data to the passwd file.

Other replacement programs for TNLOGIN.EXE even allow to sepcify a startup directory and an alternate command processor. For that they use a slightly modified structure of the passwd file, but they all use the passwd file as a security database.

Only recently a TNLOGIN replacement like this UPMLOGIN package has been released, that verifies userid/password combinations against the OS/2 built-in local User profile management (UPM). This package is called TnLogin 1.00 (TNLG100.ZIP) and was released by Dmitry Irtegov and Konstantin Boyandin. Its TNLOGIN.EXE replacement already has a big advance compared to the passwd approach. You can configure user accounts and user groups within the UPM GUI, and for to be able to modify the security database, one needs to be an admin.

The UPMLOGIN package can do much more for you:

See configuration scenarios and the readme file coming with the package for further details on how to set up those restrictions within the local UPM.
[Top]

Prerequisites

This program runs under OS/2 WARP V3.x or later.

More, it requires one of the following TCP/IP packages

being installed.

To get a local User Profile Management (UPM), you need to install one of the following packages:

For OS/2 WARP 3 Connect:

  • Peer Client for OS/2
For OS/2 WARP 4:
  • File and Print Client
For all OS/2 versions:
  • LAN/WARP Server Client for OS/2

[Top]

Download current version

You can download the current version (ca 24.18 Kb) from the following following sources:

Address
 this website
 The Hobbes File Archive (hobbes.nmsu.edu)

Check your copy of the zip file with the detached signature certificate or the MD5 checksum.

  • Signature certificate:  upmlg101.asc
  • MD5 checksum: ecc80eaa1312d96337b24a08c96f98ea

[Top]

National Language Support

This program currently provides National Language Support for the following languages:

English
German

[Top]


Impressum Search This website in other languages Last update: 28. May 2013 © Christian Langanke 1997-2018