In the past, using a client-server architecture with IBM Informix database software required adding an entry on the database server with the client details, either in a .rhosts file in a specific user directory or the/etc/hosts.equiv file. If one of these was not present the client would receive an -956 error when attempting to connect to the server:
listener-thread: err = -956: oserr = 0: errstr = [email protected][clientmachine.company.com]: Client host or user [email protected][clientmachine.company.com] is not trusted by the server.
While .rhosts or /etc/hosts.equiv worked, it was often inconvenient to place a .rhosts file in the home directory of each user that needed to connect, and root prilivleges are usually required to add or edit a hosts.equiv in the /etc directory.
Starting in IBM Informix 11.70 and higher, IBM addressed this issue with a special configuration parameter that can be placed in $INFORMXIDIR/etc and is owned by the database server user (informix in most cases). The parameter is specified by REMOTE_SERVER_CFG in the onconfig file for an instance:
The file can have any name you wish as long as it exists.
The format of the file is the same as hosts.equiv with a client hostname and user ID separated by white space:
The benefits of this mechanism are both the database administrator (DBA) having the ability to add and edit trusted client users without involving a system administrator, and the ability of the DBA to add the trusted user configuration file on the fly with onmode -wm:
onmode -wm REMOTE_SERVER_CFG=trusted_clients.file
Once executed, the above command will take immediate effect until the database server is stopped. To write the configuration parameter to the onconfig file permanently, use onmode -wf:
onmode -wf REMOTE_SERVER_CFG=trusted_clients.file