From:	CSBVAX::MRGATE!info-vax-RELAY@KL.SRI.COM@SMTP 15-JUN-1988 06:17
To:	ARISIA::EVERHART
Subj:	Re: Disallowing logins on Terminal ports


Received: from ucbvax.Berkeley.EDU by KL.SRI.COM with TCP; Fri, 10 Jun 88 08:00:51 PDT
Received: by ucbvax.Berkeley.EDU (5.59/1.28)
	id AA05073; Thu, 9 Jun 88 04:20:02 PDT
Received: from USENET by ucbvax.Berkeley.EDU with netnews
	for info-vax@kl.sri.com (info-vax@kl.sri.com)
	(contact usenet@ucbvax.Berkeley.EDU if you have questions)
Date: 8 Jun 88 16:45:15 GMT
From: munnari!vuwcomp!wnv!grv!srghamo@uunet.uu.net
Subject: Re: Disallowing logins on Terminal ports
Message-Id: <284@grv.dsir.govt.nz>
References: <8806030250.AA28914@ucbvax.Berkeley.EDU>
Sender: info-vax-request@kl.sri.com
To: info-vax@kl.sri.com

In article <8806030250.AA28914@ucbvax.Berkeley.EDU>, SYSMAN@NMSUVM1.BITNET writes:
> Date: 31 May 88, 15:56:13 GMT
> From: Mark Nichols              (505) 646-4183       SYSMAN   at NMSUVM1
> To:   INFO-VAX at KL.SRI.COM
> 
> 
> We have a problem concerning terminal ports and the NIU's used to
> connect to the campus network. Whenever the NIU times out and goes to
> the idle state the Vax interprets the response from the NIU as a login
> ...
> Is there a way to disable logins on a specific port while still
> allowing a user to connect to the port via kermit to go through the
> NIU and onto the network? We have tried all sorts of things with the
> NIU and it seems doing something from the Vax end is more feasable.
> 
There are several ways depending on how keen you are. The VAXes default
action is to assume that something is trying to log in and it accordingly
issues its messages expecting a real user. A simple way around
this is to let it do that, process an "auto-login" for a dummy user, then
log out quietly after a respectable time interval when the NIU has gone
back to sleep
                                         
There is a file SYS$SYSTEM:SYSALF.DAT? that relates usernames to particular
ports in a simple one to one relationship (its documented somewhere). Enter 
entries like:
	TXA0	DUMMY
	TXB0	DUMMY
            ...	(I think thats the format)
and further, set in the UAF a user record for DUMMY with password set to
"" and make it captive. DUMMY should have a LOGIN.COM that causes it to
WAIT for a while, then issue an EOJ command (i.e. quietly).

An alternative method is allocate the terminals to a process on logout.
In this way, typeahead is seen by the process that can then throw it away.

Perhaps the easiest (but I havent tried it) is if you never ever want to
login to the terminal to set a PERMANENT (valid after logout) terminal
characteristic that prevents logins. I suspect any of
	/SECURE_SERVER
	/NOTYPE_AHEAD
would work to stop the chat.

ANdrew Ollivier,	Department of Scientific and Industrial Research
                                                
New Zealand		SRGHAMO@DSIR@GOVT@NZ