UNIX Spawner Program. Starting the UNIX Spawner Program CHAPTER 36

Similar documents
Permission Program. Support for Version 6 Only. Allowing SAS/SHARE Client Access to SAS Libraries or Files CHAPTER 40

SAS Support for TELNET on Windows

OS/390 Platform Examples

Windows: SPX Access Method

OS/2: SPX Access Method

CHAPTER 5 Macintosh: TCP/IP Access Method

UNIX Platform Error Messages

Using Cross-Environment Data Access (CEDA)

Communications Access Methods for. SAS/CONNECT 9.2 and SAS/SHARE 9.2

Chapter 3 Managing Results in Projects. Chapter Table of Contents

Creating and Executing Stored Compiled DATA Step Programs

External Files. Definition CHAPTER 38

Using Data Transfer Services

What Is a Communications Access Method? CHAPTER 1 Using Communications Access Methods

Chapter 6 Creating Reports. Chapter Table of Contents

Introduction. LOCK Statement. CHAPTER 11 The LOCK Statement and the LOCK Command

Data Set Options. Specify a data set option in parentheses after a SAS data set name. To specify several data set options, separate them with spaces.

SAS Catalogs. Definition. Catalog Names. Parts of a Catalog Name CHAPTER 32

Chapter 25 PROC PARETO Statement. Chapter Table of Contents. OVERVIEW SYNTAX SummaryofOptions DictionaryofOptions...

SAS I/O Engines. Definition. Specifying a Different Engine. How Engines Work with SAS Files CHAPTER 36

SAS File Management. Improving Performance CHAPTER 37

APPENDIX 2 Customizing SAS/ASSIST Software

Using MDP Extensions. What Is the Multidimensional Data Provider? CHAPTER 3

CHAPTER 13 Importing and Exporting External Data

The SERVER Procedure. Introduction. Syntax CHAPTER 8

Encryption Services. What Are Encryption Services? Terminology. System and Software Requirements APPENDIX 2

from the source host, use the FTP put command to copy a file from the source host to the target host.

CHAPTER 7 Examples of Combining Compute Services and Data Transfer Services

Formats. Formats Under UNIX. HEXw. format. $HEXw. format. Details CHAPTER 11

Data Representation. Variable Precision and Storage Information. Numeric Variables in the Alpha Environment CHAPTER 9

Macro Facility. About the Macro Facility. Automatic Macro Variables CHAPTER 14

SAS/ASSIST Software Setup

SAS Data Libraries. Definition CHAPTER 26

Examples That Use Remote Objecting

Using the SQL Editor. Overview CHAPTER 11

Storing and Reusing Macros

This chapter is recommended primarily for server administrators.

Optimizing System Performance

Chapter 28 Saving and Printing Tables. Chapter Table of Contents SAVING AND PRINTING TABLES AS OUTPUT OBJECTS OUTPUT OBJECTS...

SAS. Installation Guide Fifth Edition Intelligence Platform

Introduction to MDDBs

APPENDIX 4 Migrating from QMF to SAS/ ASSIST Software. Each of these steps can be executed independently.

Defining Your Data Sources

Chapter 14 Introduction to the FACTEX Procedure

OpenVMS Operating Environment

SAS Simulation Studio 14.1: User s Guide. Introduction to SAS Simulation Studio

Graphics. Chapter Overview CHAPTER 4

SAS Component Language (SCL) Interface to Agent Services

SAS Integration Technologies Server Administrator s Guide

QUEST Procedure Reference

Installation Instructions for SAS/ACCESS Interface to SAP BW

Locking SAS Data Objects

Informats. Informats Under UNIX. HEXw. informat. $HEXw. informat. Details CHAPTER 13

OS/390: APPC Access Method

DBLOAD Procedure Reference

_beginmethod method 177 BINARY option, PROC DOWNLOAD statement. BINARY option, PROC UPLOAD statement

Using Dynamic Data Exchange

Routing the SAS Log and SAS Procedure Output

SAS/IntrNet 9.3. Overview. SAS Documentation

Chapter 13 Multivariate Techniques. Chapter Table of Contents

Scheduling in SAS 9.2

Installation Instructions for SAS Activity-Based Management 6.2

Chapter 9 Selected Examples. Queues with Reneging

Licensing SAS DataFlux Products

The EXPLODE Procedure

Changes and Enhancements

Administrator for Enterprise Clients: User s Guide. Second Edition

Scheduling in SAS 9.4, Second Edition

Alternative ODS HTML Statements for Running Examples in Different Operating Environments

Administering SAS Enterprise Guide 4.2

Chapter 23 Introduction to the OPTEX Procedure

Routing Output. Producing Output with SAS Software CHAPTER 6

SAS Web Infrastructure Kit 1.0. Overview

SAS/CONNECT 9.2. User s Guide

Chapter 15 Mixed Models. Chapter Table of Contents. Introduction Split Plot Experiment Clustered Data References...

Encryption in SAS 9.3 Second Edition

Chapter 2 User Interface Features. networks Window. Drawing Panel

Chapter 23 Animating Graphs. Chapter Table of Contents ANIMATING SELECTION OF OBSERVATIONS ANIMATING SELECTED GRAPHS...347

Overview. CHAPTER 2 Using the SAS System and SAS/ ASSIST Software

How to Use Version 7 Features to Optimize the Distributed Capabilities of SAS Software. Cheryl Garner, SAS Institute, Inc.

Chapter 27 Saving and Printing Graphics

SAS Drug Development 3.5

SAS Drug Development 3.3_03. December 14, 2007

SAS Enterprise Guide 4.3

SCL Arrays. Introduction. Declaring Arrays CHAPTER 4

SAS/ACCESS Interface to R/3

Grid Computing in SAS 9.2. Second Edition

The correct bibliographic citation for this manual is as follows: SAS Institute Inc Proc EXPLODE. Cary, NC: SAS Institute Inc.

SAS/CONNECT for SAS Viya 3.3: User s Guide

SAS Workflow Manager 2.2: Administrator s Guide

Installation Instructions for Release 5.2 of the SAS Performance Management Solutions

Customizing Your SAS Session

DataFlux Secure 2.5. Administrator s Guide. Second Edition. SAS Documentation

JDMS - A Java Based Alternative to Motif DMS Windows Susanna Wallenberger, Janice Replogle, SAS Institute Inc., Cary NC

Grid Computing in SAS 9.4

The GTESTIT Procedure

Introduction. Getting Started with the Macro Facility CHAPTER 1

Using CVS Repositories with SAS

Tasks Menu Reference. Introduction. Data Management APPENDIX 1

Chapter 7 File Access. Chapter Table of Contents

Transcription:

479 CHAPTER 36 UNIX Spawner Program Starting the UNIX Spawner Program 479 Examples of Starting and Connecting to the UNIX Spawner Program 482 Ending the UNIX Spawner Program 483 Starting the UNIX Spawner Program As an alternative method to signing on through the TELNET daemon, the UNIX spawner program allows SAS/CONNECT sessions on UNIX systems without requiring that username and password pairs be passed over the network in clear text mode. If the local SAS session is running Release 6.09E or a subsequent release or Release 6.11 TS040 or a subsequent release, all data that flow from the local host to the spawner program during sign on are encrypted. Unlike the TELNET sign-on process, the UNIX spawner program allows sign ons to a UNIX system without scripts. In most cases, you should run the UNIX spawner using the root privilege in order to start the remote SAS processes with the privileges of the user who connects to the spawner. For connections to a UNIX remote host with the TCP/IP access method, SAS/ CONNECT uses the default authentication program to verify the remote host s userid and to verify that the password is correct for the specified userid. A SAS/CONNECT user implicitly invokes the authentication program when making a connection to a UNIX remote host by means of the UNIX spawner program. The spawner program is stored on the remote host in the!sasroot/ utilities/bin directory. Here is the syntax for the command to start the UNIX spawner program: SASTCPD <-BACKGROUND> <-HELP> <-INHERITANCE> <-NETENCRALG algorithm> <-NETENCRYPT YES NO> <-NETENCRKEY n> <-NETMAC -NONETMAC> <-NOCLEARTEXT> <-NOSCRIPT> <-PATH filename> <-SASCMD filename> <-SERVICE service-name> <-SHELL>

480 Starting the UNIX Spawner Program 4 Chapter 36 <-USER> -BACKGROUND specifies that the UNIX spawner program run as a background process. The default specifies that the spawner program run in the foreground. -HELP prints a list of valid parameters. -INHERITANCE causes the SAS session that is spawned to inherit the socket that was created when the spawner accepted the initial connection from the local SAS session. This option is useful if your configuration involves a firewall and you want to minimize the number of ports that you define to the firewall for use by SAS/CONNECT. If you start a spawner with the -INHERITANCE option, you then define the port that the spawner is listening on to the firewall and map it to the server machine s port. This will enable any number of SAS/CONNECT clients to connect through this single port and SIGNON to a remote host on the inside of the firewall. Each client just opens a unique socket on the defined port. This eliminates the need to define an individual port for each client that may need to come in through the firewall. In this configuration you set your REMOTE= value to a two-level name where the first level is the name of the host running the firewall and the second level is the well-known service name of the port that you have enabled for connections. -NETENCRALG algorithm If you specify more than one algorithm, enclose the algorithm names in parenthesis and use commas to separate the names. If there are embedded blanks in the algorithm name, enclose each algorithm in quotation marks. Set this option at the remote host and, optionally, at the local host to specify one or more encryption algorithms to use in a SAS/CONNECT session. However, the local host and the remote host must share an encryption algorithm in common. If you specify the option in the remote host session only, the local host attempts to select an algorithm that was specified at the remote host. If you also set the option at the local host and specify an algorithm that is not specified at the remote host, the local host s attempt to connect to that remote host fails when the local host assigns a library. Valid values for this option are RC2 RC4 DES TripleDES SAS Proprietary. See the SAS/CONNECT User s Guide or the SAS/SHARE User s Guide for more information about the -NETENCRALG option. -NETENCRYPT Set this option at both the local host and the remote host. At the remote host, this option specifies that encryption is required for each connection from a local host SAS session. At the local host, this option specifies that the local host must connect only to a remote host that supports encryption. The default for this option is that encryption is used if the NETENCRALG option is set and if both the local host and the remote host are capable of

UNIX Spawner Program 4 Starting the UNIX Spawner Program 481 encryption. If encryption algorithms were specified but either the local host or the remote host is incapable of encryption, then encryption will not be performed. Encryption may not be supported at the local host or the remote host for the following reasons: 3 You are running a release of SAS (prior to Version 7) that does not support encryption. 3 Your site has not purchased a SAS/SECURE license for a specific platform. 3 You specified encryption algorithms in the local host and the remote host SAS sessions that are incompatible. 3 You do not have a cryptographic service provider installed on your UNIX system. See the SAS/CONNECT User s Guide or the SAS/SHARE User s Guide for more information about the -NETENCRYPT option. -NETENCRKEY n You set this option in either the local host or the remote host SAS session. It specifies the key length to be used by the encryption algorithm. Valid values for this option are 128 specifies 1024-bit RSA and 128-bit RC2 and RC4 key algorithms. 40 specifies 512-bit RSA and 40-bit RC2 and RC4 key algorithms. 0 no value is set. This is the default. If you require extra security, then set the -NETENCRKEY option to 128. If you prefer to save CPU, then set the -NETENCRKEY option to 40. By default, if you try to connect a host that is capable of only a 40-bit key length with a host that is capable of both a 40-bit and a 128-bit key length, then the connection is made using the lesser key length. If both hosts are capable of 128-bit key lengths, then a 128-bit key length is used. See the SAS/CONNECT User s Guide or the SAS/SHARE User s Guide for more information about the -NETENCRKEY option. -NETMAC -NONETMAC Set this option to control the use of Message Authentication Codes (MACs) on network communications. A Message Authentication Code is the equivalent of a checksum that is used to ensure that the original message has not been modified. This option may be set at either the local host or the remote host. The default is -NETMAC. See the SAS/CONNECT User s Guideor the SAS/SHARE User s Guide for more information about the -NETMAC option. -NOCLEARTEXT prevents a sign on from a local host that does not support username and password encryption. This option prevents local hosts in a SAS session that are running releases prior to 6.09E and 6.11 TS040 from signing on to the spawner program. The default is to accept both encrypted and clear-text userids and passwords. This allows local hosts in a SAS session that are running releases prior to 6.09E and 6.11 TS040 to sign on to the UNIX spawner program. -NOSCRIPT prevents sign ons from local hosts that use scripts, and allows sign ons only from local hosts that do not use scripts. For the TCP/IP access method, the spawner program requires a script file, or it will verify the supplied userid and the password. This option requires that the user set security in the local SAS session prior to sign on. For details about setting

482 Examples of Starting and Connecting to the UNIX Spawner Program 4 Chapter 36 security (for example, by means of the USER= and PASSWORD= options in an appropriate statement), see Setting Security for SAS/CONNECT and SAS/ SHARE on page 295. If you use the -NOSCRIPT option, you must also use the -SASCMD option. -PATH pathname specifies the location of the SAS system directory that contains the dynamic link library (dll) files needed to access the encryption algorithms. The -PATH option is used with -NETENCRALG. -SASCMD filename specifies the name of an executable file that starts a SAS session when you sign on without a script. If the RLINK fileref is not defined in the local host SAS session, then the user is signing on without a script. In this case, the -SASCMD option must be specified. Here is an example of the content of an executable file that starts a SAS session: #---------------------------------- # mystartup #---------------------------------- #!/bin/ksh. ~/.profile sas -dmr -noterminal -no\$syntaxcheck -device grlink -comamid tcp #------------------------------ -SERVICE service-name specifies the name of the service that the UNIX spawner program uses to listen for incoming requests. This value is identical to the service value in the REMOTE= option that the user specifies at the local host prior to sign on. Because there is no default, you must specify this value. See Specifying the Remote Node Name on page 301 for details. The service name must be defined identically in the /etc/services file on both the local and remote hosts. See Configuring the SERVICES File on page 485 for more information about the /etc/services file. -SHELL allows the SAS session that is invoked by the UNIX spawner program to create a shell. A shell is necessary for the remote host to execute commands. -USER allows the UNIX spawner program to run without root privileges. SAS assumes the security status of the user or the administrator who started the spawner program. The default action is to assume the privileges of the user whose username and password are given to the UNIX spawner program by the remote client that is connecting to spawner. Note: Because some UNIX systems require root privilege in order to validate passwords, this option may not work on all UNIX systems. 4 Examples of Starting and Connecting to the UNIX Spawner Program The following examples illustrate how to start the spawner program and how to connect to it. Example 1: The following command starts the spawner program at the remote UNIX host with the service spawner and allows connections only from local hosts that support username and password encryption.

UNIX Spawner Program 4 Ending the UNIX Spawner Program 483 sastcpd -service spawner -nocleartext At a UNIX local host host, the following statements specify a script file named tcpunix.scr that makes a connection to the spawner program named monarch.spawner. The value monarch for REMOTE= is the name of the UNIX node, or it can be a macro variable that contains the Internet address of the UNIX node where the spawner program is running. options comamid=tcp; options remote=monarch.spawner; filename rlink!sasroot\connect\saslink\tcpunix.scr ; signon; Example 2: From the UNIX node that will be the remote side of a SAS/CONNECT session, the following command starts the spawner program with the service name spawner, which supports only sign ons without scripts. sastcpd -service spawner -noscript -sascmd /u/username/mystartup The mystartup file starts the remote SAS session. See the -SASCMD option for an example of the content of the mystartup executable file. At an OS/390 local host, the TCP/IP access method is used to connect to the remote host named rmthost, which must be either the node name of the OS/390 node or a macro variable that contains the Internet address of the OS/390 node where the spawner program is running. The USER= option to the SIGNON statement prompts the user for a userid and password when connecting to rmthost on which the OS/390 spawner named spawner runs. options comamid=tcp; signon rmthost.spawner user=_prompt_; Ending the UNIX Spawner Program To end the spawner program, enter the interrupt signal, which typically is CTRL-C. If the UNIX spawner is running in the background, kill its process.

484 Ending the UNIX Spawner Program 4 Chapter 36

The correct bibliographic citation for this manual is as follows: SAS Institute Inc., Communications Access Methods for SAS/CONNECT and SAS/SHARE Software, Version 8, Cary, NC: SAS Institute Inc., 1999. pp. 643. Communications Access Methods for SAS/CONNECT and SAS/SHARE Software, Version 8 Copyright 1999 by SAS Institute Inc., Cary, NC, USA. ISBN 1 58025 479 9 All rights reserved. Printed in the United States of America. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, or otherwise, without the prior written permission of the publisher, SAS Institute Inc. U.S. Government Restricted Rights Notice. Use, duplication, or disclosure of the software by the government is subject to restrictions as set forth in FAR 52.227 19 Commercial Computer Software-Restricted Rights (June 1987). SAS Institute Inc., SAS Campus Drive, Cary, North Carolina 27513. 1st printing, September 1999 SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. indicates USA registration. IBM, ACF/VTAM, AIX, APPN, MVS/ESA, OS/ 2, OS/390, VM/ESA, and VTAM are registered trademarks or trademarks of International Business Machines Corporation. indicates USA registration. Other brand and product names are registered trademarks or trademarks of their respective companies. The Institute is a private company devoted to the support and further development of its software and related services.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback