chrrel / racf-passticket-generator Goto Github PK
View Code? Open in Web Editor NEWA prototype implementation of the RACF PassTicket algorithm in Java.
License: MIT License
A prototype implementation of the RACF PassTicket algorithm in Java.
License: MIT License
I used to following information to generate my pass ticket on my linux LPAR as below:
//FTP logon, the APPNAME is usually default to 'OMVSAPPL' set up by z/OS USS.
var passTicket = pt.generateSync("userid", "OMVSAPPL", "xxxxxxxxxxxxxxx");
In the z/OS system, I set up PTKTDATA profiles OMVSAPPL and OMVSAPPL.BLAU as shown below, after I used the pass ticket generated on the system above as the 'password' to 'sftp' to the z/OS system with the profiles setup. It said my password, which is the pass ticket was invalid. I checked the UTC times between my linux system and the z/OS system, they are only 1 minute difference. Would you like to check what else I missed here. Thank you so much.
CLASS NAME
----- ----
PTKTDATA OMVSAPPL.BLAU
LEVEL OWNER UNIVERSAL ACCESS YOUR ACCESS WARNING
----- -------- ---------------- ----------- -------
00 M16SPEC NONE ALTER NO
..
AUDITING
--------
FAILURES(READ)
GLOBALAUDIT
-----------
NONE
NOTIFY
------
NO USER TO BE NOTIFIED
CREATION DATE LAST REFERENCE DATE LAST CHANGE DATE
(DAY) (YEAR) (DAY) (YEAR) (DAY) (YEAR)
------------- ------------------- ----------------
125 20 125 20 125 20
ALTER COUNT CONTROL COUNT UPDATE COUNT READ COUNT
----------- ------------- ------------ ----------
000000 000000 000000 000000
USER ACCESS ACCESS COUNT
---- ------ ------ -----
M16SPEC ALTER 000000
BLAU ALTER 000000
ID ACCESS ACCESS COUNT CLASS ENTITY NAME
-------- ------- ------------ -------- ---------------------------------------
NO ENTRIES IN CONDITIONAL ACCESS LIST
***
I also added this:
CLASS NAME
----- ----
PTKTDATA OMVSAPPL
LEVEL OWNER UNIVERSAL ACCESS YOUR ACCESS WARNING
----- -------- ---------------- ----------- -------
00 M16SPEC NONE ALTER NO
INSTALLATION DATA
-----------------
NONE
...
CREATION DATE LAST REFERENCE DATE LAST CHANGE DATE
(DAY) (YEAR) (DAY) (YEAR) (DAY) (YEAR)
------------- ------------------- ----------------
125 20 125 20 125 20
ALTER COUNT CONTROL COUNT UPDATE COUNT READ COUNT
----------- ------------- ------------ ----------
000000 000000 000000 000000
USER ACCESS ACCESS COUNT
---- ------ ------ -----
M16SPEC ALTER 000000
BLAU ALTER 000000
ID ACCESS ACCESS COUNT CLASS ENTITY NAME
-------- ------- ------------ -------- ---------------------------------------
NO ENTRIES IN CONDITIONAL ACCESS LIST
The commands I used are below for the OMVSAPPL.BLAU profile. I repeated for OMVSAPPL profile as well.
RDEFINE PTKTDATA OMVSAPPL.BLAU SSIGNON(KEYMASKED(xxxxxxxxxxxxxx))
RALTER PTKTDATA OMVSAPPL.BLAU APPLDATA('NO REPLAY PROTECTION')
RLIST PTKTDATA OMVSAPPL.BLAU ALL
SETROPTS RACLIST (PTKTDATA) REFRESH
Hi Christian,
IBM just announced this enhanced algorithm for PassTicket. Would you like to take a look to see if this algorithm needs to be updated. Thank you very much.
The following IBM Change Notification is being planned by z/OS development.
ICN Number: 1774
ICN Name: RACF Enhanced PassTickets
Abstract:
IBM intends to deliver a future RACF enhancement to support a new PassTicket algorithm option called Enhanced PassTickets.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.