3. Dialogs
________________________________________________________________

dataComet documentation. (Rev. 5/4/10)
Copyright 1995 databeast, Inc. All Rights Reserved.

This document has information on (select and use "Find..." to go to the section):

"Using modeless configuration dialogs"
Using the "New..."/"Configure Terminal Session" dialog
Using the Telnet "Configure..." dialog
Using the SSH "Configure..." dialog
Using the SSH "Keys..." dialog
Using the SSH "Make key..." dialog
Using the "Kerberos Login" dialog
Using the "Global" Preferences panel
Using the "Printing" Preferences panel
Using the "Session" Preferences panel
Using the "Define macros" dialog... see "4. Macros"

___________________________________________________
"Using modeless configuration dialogs"
___________________________________________________

The modeless configuration dialogs allow you to control window settings and dataComet's global configuration. Settings take effect immediately when an option is changed. To cancel changes made in a dialog window, use the "Revert" button, the "Undo" command, or press Command-'.'.

In order to make dialog option changes to a session document permanent, you need to use the File menu command "Save configuration...". You will be prompted to save the settings when a window closes if the settings have been modified. (Note that "Control" menu settings for Font, Size, Leading, Width, Bold Font, Control Font, Translation, and National are saved automatically when a window is closed.)

When you select another document window, the settings in the Preferences panel change to reflect the settings for that window. The menu commands other than Close, Copy, Paste, Undo, and Select All apply to the frontmost document window.

You can Control-Click on a Preferences panel item to jump to the description of the item in this document. You can click on the Preference panel names in the bar at the top of a Preferences panel to open other Preferences panels.

___________________________________________________
"Reconfigure Session..."
Using the "New..."/"Configure Terminal Session" dialog
in Window menu as: "Reconfigure Session...":
___________________________________________________

This dialog allows you to configure the most fundamental parameters affecting a window, including:

"Window Type": You can select "Shell" to create a local Shell session, or select "Serial", "SSH", or "Telnet" to create a new session window to connect with a remote host (which will have its own ".edit" window in which you can save frequently used commands and boilerplate text).

"Shell" creates a new local shell session, like a session opened using Apple's "Terminal" application. This will execute the "/usr/bin/login" UNIX command in a new window.

"Serial" allows you to make direct Serial Port connections to a modem or terminal server. You can enter the phone number in the "Connect to:" field to dial a number automatically.

"SSH" selects the Secure Shell protocol, which adds authentication and encryption features so session data, e.g., passwords, can't be traced by systems crackers. The SSH "Configure..." button brings up a dialog which allows you to customize SSH session options. Enter the host name or its IP address in the "Connect to:" field.

"Telnet" lets you make Telnet TCP network connections. The Telnet "Configure..." button brings up a dialog which allows you to customize Telnet session options. Enter the host name or its IP address in the "Connect to:" field.

Options for Telnet include:

- "Initiate SSL/TLS": Open a session with an SSL/TLS Handshake negotiation without waiting for a Telnet "Start TLS" command from the host; if a socket number is not specified, it will default to socket 992. If this option is not selected, dataComet will only initiate SSL/TLS when a "Start TLS" command is received from the host; note that it will always negotiate SSL/TLS when a "Start TLS" command is received.
- Telnet "Authenticate" and "Encrypt" security options are available for Kerberos 5 connections, which require that you are connecting to a host which supports Kerberos 5.
- "Authenticate" uses Kerberos to log in to a host in a secure fashion, so system hackers can't crack your accounts by logging network traffic. The "Alt. ID" field below "Authenticate" allows you to enter your host login name, which will be needed if it differs from your Kerberos Principal ID (see information on "Username" below). You can make automatic Kerberos connections, skipping the login dialog, if you enter your Kerberos password in the "Password" field (see below).
- "Encrypt" adds another layer of security by encoding all your communications with the host so that it's very difficult to eavesdrop on your transmissions.
- The "Fwd Creds" option allows you to forward your Kerberos credentials to the host so you can access network services on other hosts through your Telnet connection (generally this should be disabled unless you actually need to do this).

"Terminal Type": This popup menu allows you to select the preferred terminal type. The "Automatic" terminal type will default to a VT100 on a serial connection; on a Telnet connection "Automatic" will negotiate the "best" terminal type to use with the host. Note that a few hosts may not perform terminal type negotiations correctly, so "Automatic" mode may fail. In particular, you will need to set the PC-ANSI terminal type manually to get correct results when connecting to many bulletin board systems (BBS).

The "Alt. ID" field lets you enter an alternate Telnet Terminal Type string if the default string doesn't work correctly with your host. Generally you should use this with a specific terminal type selected rather than "Automatic." (You can set this field back to an empty string to disable this feature.)

"Host menus and function keys": This popup menu allows you to select alternate menus when you're connecting to a host which ordinarily expects a terminal type which has different Program Function (PF) keys, but which can use an alternate terminal type if you enter special key sequences to substitute for the standard Function keys. This option makes it much easier to use a VT100 emulator with an IBM 3270 mainframe, or to use the IBM 3270 emulator with an AS/400 host. For UNIX hosts, alternative function key mappings are listed here by the "TERM" name commonly associated with the keymapping.

"Username": This field allows you to enter the name of your host account. This is sent automatically for SSH and Kerberos Telnet logins, but not for plain Telnet logins. You can make automatic Kerberos connections, skipping the login dialog, if you also enter your Kerberos Principal password in the "Password" field.

"Password": This field allows you to enter the password for your host account. The password is stored in an encrypted form, with your Master Passphrase as a secret key. This is sent automatically by SSH or Kerberos when password authentication is selected. WARNING: be careful to "Lock" your sessions if you use this feature, and to select a Master Passphrase which will be difficult to guess!

"Connect to:" This field is used to enter either a host name (for SSH and Telnet connections) or a telephone number (for Serial connections). If you are making a Telnet connection, this field must contain the IP address or domain name of the host to which you wish to connect.

"Port:" If you need to specify a port number other than the standard SSH, Telnet, or SSL/TLS port numbers (22, 23, and 992 respectively), you can enter the port number here.

"SOCKS proxy": This controls whether the Host Name/Address which follows is to be used as a proxy so connections can traverse network firewalls.

"Global": By default, this control is on; it allows you to select a global SOCKS default host for all Telnet sessions. If you turn it off, you can enter a SOCKS proxy to be used for this session alone.

"SOCKS Username": The SOCKS username (in case this is required).

___________________________________________________
Telnet "Configure..."
Using the Telnet "Configure..." dialog
___________________________________________________

This dialog allows you to configure special options for a Telnet session.

SSL/TLS options:

"SSL/TLS version": Allows you to select a specific version of SSL/TLS to use for SSL/TLS connections.

"Allow expired host certificate": Allows you to connect to a host with an expired SSL/TLS certificate.

"Allow any root certificate": Allows you to connect to a host when the host has an untrusted root certificate.

"Verify host domain name": SSL/TLS will check the host domain to prevent host name spoofing when this option is on.

Kerberos Options:

"Authentication": Allows you to select a protocol for performing authentication with hosts for a Telnet session. The checkbox can be used to disable Authentication. Currently only Kerberos 5 is supported.

"Encryption": The checkbox can be used to disable Encryption. Telnet allows the selection of a number of different encryption algorithms, which encrypt the plain text of your session so that eavesdroppers cannot (easily) decipher it. "DES3" Triple-DES encryption is the most secure option; generally you should use it rather than DES. Note that if no lock picture appears in the left bottom side of the emulator window after you connect, the session is not being encrypted; some hosts may not support DES3 encryption over Telnet sessions.

"Compression": This option is not yet supported.

"WILL SGA (Berkeley linefeed fix)": Causes dataComet to send WILL SGA, the Telnet Send-Go-Ahead option, in order to get BSD UNIX derivatives to handle carriage returns correctly.

"WILL NAWS (Negotiate Window Size)": Causes dataComet to send WILL NAWS, the Telnet option which allows the host screen size to be adjusted automatically if you change the size of a dataComet emulator screen.

"Display log messages on-screen": Display the Telnet logon messages on the emulator screen. This can help debug connection problems, and shows the Telnet options that are available on the host and which options are actually selected for the session.

___________________________________________________
SSH "Configure..."
Using the SSH "Configure..." dialog
___________________________________________________

This dialog allows you to configure a "Secure Shell" (SSH) session. Support for these options is only included in dataComet-Secure.

"SSH Version": There are two different SSH protocols, SSH1 and SSH2. This option allows you to force an SSH2 host to select SSH1 or SSH2 rather than allowing it to make the choice.

"Encryption": SSH allows the selection of a number of different encryption algorithms, which encrypt the plain text of your session so that eavesdroppers cannot easily decipher it. Triple-DES is the most secure option; Blowfish is somewhat faster than 3-DES but probably not quite as secure.

"Compression": SSH can compress the data stream, which enhances security and may speed up (or slow down) sessions substantially; the speed increase (or decrease) will be directly proportional to the ratio between the speed of your computer and the speed of the network connection (e.g., if you have a Macintosh G3, a session with compression on is much faster on a slow dialup connection, still significantly faster with an Ethernet connection, and possibly slower if you have a direct Gigabit Ethernet connection to a very fast host). NOTE that using compression requires an extra 250K bytes of memory per session!

"MAC type": SSH2 helps guarantee communications security by adding a "Message Authentication Code" field to each data packet.
The "SHA-1" protocol is used by default.

"Authentication": SSH offers several different methods of "authenticating" your identity to the host. Passwords are the same as your usual host password, with the major difference that under SSH passwords are encrypted so eavesdroppers can't use network "sniffers" to steal your password. RSA and DSS "public key authentication" methods are used by SSH1 and SSH2, respectively; dataComet-Secure only supports RSA public key authentication. RSA keys must be saved in the ":dataComet Preferences:Security:" folder. NOTA BENE: Maintaining security while using a public key REQUIRES that the private key be encrypted using a Passphrase (which can be the same as your Master Passphrase) and should not be shared with other users.

"Keys...": This button brings up a dialog which allows you to create, save, view, and copy public keys, so you can copy and paste them into host key files.

"Use Key...": This button allows you to select the private key file which will be used for an SSH session if you select one of the public key methods in the "Authentication" popup menu.

"Display log messages on-screen": Display the SSH logon messages on the emulator screen. This can help debug connection problems, and shows clearly the SSH options that are available on the host and which options are actually selected for the session.

"Don't allocate PTY (host terminal handler)": This option allows you to skip creating a "pty" on the host, which is used to control the interface to applications on the host which need terminal control information. (You will almost always want this option off!)

"Execute command (rssh)": Allows you to execute a command on the host and then close the session automatically. You can enter the command to be executed in the text field below.

___________________________________________________
Using the SSH "Keys..." dialog
___________________________________________________

This dialog allows you to manage RSA keys for user authentication of SSH1 "Secure Shell" sessions. (Use of RSA keys with SSH2 is not yet supported by dataComet.)

The "Key File..." button allows you to open a key file in the dataComet "Security" Folder in the "dataComet Preferences" Folder so you can view and copy the public portion of the key, and save the key with a new name and passphrase if you wish.

The "Public Key" field shows the public key for the key. This is the key which is added to the host file "~/.ssh/authorized_keys" to enable you to log on to the host using your key rather than a password. You can copy the Public Key in this field and then paste it into the "authorized_keys" file using a host editor. NOTE that you should make every effort to keep the private portion of the key file private, including using a passphrase to encrypt it. If someone copies your private key, they can log on to your account, just as if you had given them a password for a password-protected account.

The "Fingerprint" field shows the fingerprint of the key, which is a condensed representation of the key useful for verifying (e.g., in a telephone conversation) that a key is valid.

The "Make Key..." button brings up a dialog which allows you to generate a new key.

The "Save Key..." button allows you to save a key.

___________________________________________________
Using the SSH "Make key..." dialog
___________________________________________________

This dialog allows you to generate RSA keys.

The "Key Size" field allows you to specify a size other than the usual 1024-bit key length. If you want your encrypted communications to remain secure over a long period of time, you should use a size greater than 1024, probably 2048. Note that it takes substantially more time to generate the key and to verify it when making a host connection when you use a larger key.

The "Comment" field allows you to enter a comment, which will be appended to the newly generated key.

The progress bar indicates roughly the amount of work left in generating the key.

___________________________________________________
Using the "Kerberos Login" dialog
___________________________________________________

This dialog allows you to log in with a Kerberos ID and password. It is brought up automatically if you do not already have a valid Ticket from the Kerberos server. You should enter your Kerberos ID in the "Principal" field; for example, "wpenn@UPENN.EDU", and your Kerberos password in the "Password" field.

"Custom Ticket lifetime (min.):" This option lets you select a custom expiration time for the "Ticket" which the Kerberos server will send to your computer so it can prove your identity to other computers. Selecting a shorter lifetime makes it even more difficult for system crackers to gain access to your accounts, but may require you to re-enter your password more frequently when using some services; the default lifetime is 10 hours (600 minutes).

"Allow ticket forwarding": This option lets you allow Macintosh applications which use Kerberos to forward your ticket to a network host or server so that it can in turn verify your identity with other hosts or servers. Enabling this option poses some security risk, since crackers may breach security on a multi-user host/server and try to collect tickets to use to violate the privacy of your accounts. Unless you need it, this option should be left turned off.

___________________________________________________
"Global..."
Using the "Global" Preferences panel
___________________________________________________

The global configuration is automatically saved in the "Comet Default" document when you quit dataComet. If you find that dataComet tends to crash on launching, try throwing out the "Comet Default" document in the System Folder.

"Change Passphrase": dataComet-Secure allows you to save your session passwords encrypted using a master passphrase so you can speed up logins without seriously compromising the security of your passwords. If you wish to change your master passphrase, you can use this button to update the session passwords saved in the session documents stored in the "dataComet Preferences" folder with a new password. (Note that passwords saved in session documents in other folders must be updated manually).

"Splash Delay": When a registered copy of dataComet is launched it defaults to a 3-second minimum splash display; turning off this item will clear the splash screen ASAP (rather than waiting to better display the support contact information which may be included in the splash screen).

"Show "New session" dialog on launch": Automatically display a "New..." dialog when dataComet is launched.

"Open "Comet Default" automatically on launch": Opens the "Comet Default" document without presenting the "New..." dialog.

"Hide all session .edit windows": Hides all session .edit windows for users who don't wish to use them.

"Quit automatically when all windows closed": Quit the application when there are no open windows.

"Option-click sends cursor motion commands": Allows you to switch between requiring a simple mouse Click and an Option-click to send cursor key movement commands in ASCII emulator windows. Prior to 4.5.2, dataComet used a simple click; however, some host applications don't handle cursor key motion sequences properly, and in addition other Telnet applications require Option-click, so Option-click is now required by default. (3270 emulator windows still position the cursor automatically with a simple mouse click.)

"Don't constrain emulator window size": Allows you to resize windows so they span across two monitors. This is off by default so all window controls will always be accessible when a window size larger than the available screen area is selected.

"Expire Kerberos tickets on Quit": Expires Kerberos tickets created through a dataComet-Secure session automatically when you quit dataComet. This option enhances security, and is on by default.

"Update all Finder -> dataComet document links automatically": When this option is enabled, all dataComet text documents and session documents in the Documents and Sessions folders will be updated automatically so they open the last-launched copy of dataComet when they are opened from the Finder or the Dock; this allows correct linking of dataComet documents with the dataComet application, even though Snow Leopard no longer associates application documents with applications according to the document Type and Creator codes.

"Display an alert once when a new release is available":
"Display an alert once when a new Beta release is available":
These options allow you to disable dataComet update notifications.

"Display bitmap fonts for selected fonts and sizes": When this option is enabled, dataComet will scan its list of fonts and sizes, and disable antialiasing for drawing when a match is found, so that a font can be drawn with a bitmap representation.

"View Font List": Allows you to view and edit the list of fonts and sizes which are to be drawn with antialiasing disabled.

"Use text cursor only": If you disable this item a double underscore cursor is used to show the mouse cursor position within the active emulator window.

"Hide cursor in background windows": The emulator cursor will be hidden if the emulator window is not in front.

"Copy screen if no selection": If this option is on, a "Copy" command copies the whole emulator screen when there is no selection. You can turn this off if you find you have a problem with inadvertently copying and pasting the screen when you try to make a selection first but fail to select anything. (Note that this will affect the execution of dataComet Copy commands used in an AppleScript.)

"Update Scrap only on switch": dataComet uses the TextEdit Scrap to contain the results of a Copy or Cut command, and updates the Application Scrap in parallel to ensure that extensions which rely on the Application Scrap will work correctly (e.g., QuickKeys & CopyPaste). This option allows you to conserve memory by updating the Application Scrap only when leaving dataComet.

"Reset emulator selection after Copy": When this option is on, a Copy, Save, or Append command will reset the selection range to no selection, so the whole screen becomes the default selection range for the next Copy, Save, or Append. If you want the selection to remain fixed on the screen so you can use the same selection on successive screens, turn this off.

"Clear scrollback buffers automatically": This option allows you to free memory when it runs short by automatically clearing the scrollback buffers for emulator sessions which are currently in the background and not currently processing output; thus, if you alternate between several sessions configured with "unlimited" scrollback buffering, you won't need to repeatedly clear background buffers manually to allow fresh lines to scroll in the topmost window.

"File Transfer options":

"Always do dialog to rename files": Before transferring a file, dataComet will present a Standard File dialog allowing you to select (upload) or rename (download) the file. This is off by default.

"Archive overwritten files in ".back"": This option automatically appends the contents of a file to "filename.back" before the download commences and overwrites the file.

___________________________________________________
"Printing..."
Using the "Printing" Preferences panel
___________________________________________________

"Add page numbers at bottom of page": Page numbers will be added.

"Print using Color map": allows color printing.

"Print lines scrolled off top": All lines scrolled off the top or cleared will be printed (this duplicates the Menu item "Print lines off top").

"Show "Print..." Dialog when printing host print streams": allows you to disable print dialogs when printing VT100 print streams.

"Eject page when host turns off stream printing": Some host applications repeatedly turn VT100 print streams on and off in the process of printing a page. This option allows you to configure dataComet to handle this without starting a new page every time stream printing is turned off; note that when this option is enabled you may have to use the "Page Eject" command in the File menu to print out accumulated print data if the application fails to send a Form Feed.

"Print scrolling region only": is a VT100 print option, usually selected by the host.

"Screen Font": Allows you to set the font used for drawing on-screen from the dialog.

"Print Font": Allows you to set the font used for printing from the dialog.

"Size": These popup menus allow you to set the size of the font used for drawing on-screen or when printing.

"Printing Margins": These items allow you to set the margins (in 72nds/inch) when printing.

___________________________________________________
"Session..."
Using the "Session" Preferences panel
___________________________________________________

This dialog allows you to control the configuration of the session which is currently on top.

"Only one session per document": Setting this option causes dataComet to leave the document file open, so that double-clicking on it will bring the old session to the foreground and re-open it if it has been closed, rather than opening a brand new session. When this option is NOT selected dataComet closes the session document after getting the settings and macros from the document; in this case opening or double-clicking on the same document again will open a new, separate session window with the same host.

"Connect automatically": Open the connection automatically when the document is opened.

"Open session without terminal type negotiation": Some TCP/IP hosts (particularly terminal servers) may not negotiate terminal types correctly, or may not open a session by sending some data to dataComet; if this occurs, you cannot send keystrokes to the host, and the button bar is left grayed out. Setting this option will allow you to send characters to such a host.

"Require session close from host": When this option is selected and the user attempts to close a session without logging out first, the user will be presented with an alert noting that the session must be closed from the host. Note that choosing the Window menu "Abort session" command will still abort a session without presenting the dialog.

"Close window when session closes": Will close the window and its corresponding document automatically when your session is closed or aborted.

"Prompt before closing if session open": When this option is set, you will receive an alert requesting approval when you close the window and the session is still open.

"Reopen session automatically on failure": dataComet will try to re-open the session automatically if it fails to open or is closed by an abnormal failure.

"Miniaturize window on application switch": When you switch from dataComet to another application the window will automatically shrink to a small icon and expand after returning. (See the "Miniaturize" menu command.)

"Notify when new data arrives while in background": Sets the dataComet icon to "bounce" when dataComet is in the background and new data arrives for the session.

____ "lines in scrollback buffer (zero = no limit)": allows you to set the maximum number of lines to save in the emulator screen scrollback buffer.

____ "Tab threshold (zero = copy all spaces)": allows you to set the threshold for converting spaces into tabs when the Edit menu item "Table Mode for Copy and Save" is on.

____ "Session keepalive (in seconds, zero = off)": enables a session keepalive so that dataComet periodically sends a Telnet Timing Mark (or a NULL character for serial sessions) to the host. This feature helps keep sessions from being terminated when connecting to hosts that have a session-inactivity timeout. NOTE that some hosts with obsolete TCP/IP software absolutely must have a keepalive set in order to maintain a session! However, ISPs strongly disapprove of the use of keepalives, so this option is off by default.

"Prefer vertical cursor": The emulator cursor will normally be displayed as a vertical bar, and will shift to block or underline when in Insert mode. Usually the reverse is the case, with the vertical cursor used to indicate that the emulator is in Insert mode.

"Use block cursor": Allows you to change the emulator cursor from an underline to a block.

"Blink cursor": Determines whether the cursor will blink or stay on continuously.

"Don't Beep": Turns off the terminal bell.

"Edit window" items for controlling transfers to the session's .edit window:

"Delete Returns in session.edit automatically on download": If you download a file with the same name as the session with ".edit" appended, it will be added to the session's .edit window; this option allows you to have the Carriage Returns at the end of each line stripped out automatically.

"Add Returns to session.edit automatically on upload": Like the above, except that Carriage Returns will be added automatically to the end of the lines where the text was wrapped in the .edit window.

________________________________________________________________
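
Added example (not part of dataComet or its documentation): the Telnet settings described earlier ("Initiate SSL/TLS", "Authenticate", "Encrypt", WILL SGA, WILL NAWS) all appear on the wire as Telnet option negotiation, which is what "Display log messages on-screen" reports. This sketch decodes a constructed capture of both directions and reports which security options were actually agreed; the function names and sample bytes are assumptions made for illustration, and the option numbers come from the Telnet RFCs and the IANA registry.

```python
# Added example, not dataComet code. Command and option numbers are from the
# Telnet RFCs and the IANA Telnet option registry.
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
VERBS = {DO: "DO", DONT: "DONT", WILL: "WILL", WONT: "WONT"}
OPTIONS = {3: "SGA", 24: "TERMINAL-TYPE", 31: "NAWS",
           37: "AUTHENTICATION", 38: "ENCRYPT", 46: "START_TLS"}
SECURITY = ("START_TLS", "AUTHENTICATION", "ENCRYPT")


def option_name(code):
    return OPTIONS.get(code, f"OPTION-{code}")


def parse(stream):
    """Split one direction of a Telnet stream into (commands, user_data)."""
    cmds, data, i, n = [], bytearray(), 0, len(stream)
    while i < n:
        if stream[i] != IAC:
            data.append(stream[i])
            i += 1
            continue
        if i + 1 >= n:                  # capture ends on a lone IAC
            break
        cmd = stream[i + 1]
        if cmd == IAC:                  # IAC IAC is an escaped 0xFF data byte
            data.append(IAC)
            i += 2
        elif i + 2 >= n:                # command cut off by the end of the capture
            break
        elif cmd in VERBS:
            cmds.append((VERBS[cmd], option_name(stream[i + 2]), b""))
            i += 3
        elif cmd == SB:
            payload, j = bytearray(), i + 3
            # Subnegotiation runs until IAC SE; IAC IAC inside is a literal 0xFF.
            while j + 1 < n and stream[j:j + 2] != bytes([IAC, SE]):
                step = 2 if stream[j:j + 2] == bytes([IAC, IAC]) else 1
                payload.append(stream[j])
                j += step
            if j + 1 >= n:              # unterminated subnegotiation
                break
            cmds.append(("SB", option_name(stream[i + 2]), bytes(payload)))
            i = j + 2
        else:                           # NOP, GA and other two-byte commands
            i += 2
    return cmds, bytes(data)


def enabled_options(client, host):
    """Options in effect: one side sent WILL, the peer sent DO, nobody refused."""
    # Simplification: any WONT/DONT for an option is treated as a refusal.
    seen_c = {(v, o) for v, o, _ in parse(client)[0]}
    seen_h = {(v, o) for v, o, _ in parse(host)[0]}
    both = seen_c | seen_h
    on = set()
    for opt in OPTIONS.values():
        agreed = ((("WILL", opt) in seen_c and ("DO", opt) in seen_h) or
                  (("WILL", opt) in seen_h and ("DO", opt) in seen_c))
        refused = ("WONT", opt) in both or ("DONT", opt) in both
        if agreed and not refused:
            on.add(opt)
    return on


def security_report(client, host):
    on = enabled_options(client, host)
    return {opt: opt in on for opt in SECURITY}


def window_size(client):
    """Decode the client's NAWS subnegotiation as (columns, rows), if present."""
    for verb, opt, payload in parse(client)[0]:
        if verb == "SB" and opt == "NAWS" and len(payload) == 4:
            return (int.from_bytes(payload[:2], "big"),
                    int.from_bytes(payload[2:], "big"))
    return None


# Constructed capture: the host offers Kerberos authentication and encryption,
# the client authenticates but declines encryption, and no Start TLS is offered.
HOST = bytes([IAC, DO, 24, IAC, DO, 31, IAC, WILL, 3, IAC, DO, 37,
              IAC, DO, 38, IAC, WILL, 38]) + b"login: "
CLIENT = bytes([IAC, WILL, 24, IAC, WILL, 31, IAC, DO, 3, IAC, WILL, 37,
                IAC, WONT, 38, IAC, DONT, 38,
                IAC, SB, 31, 0, 80, 0, 24, IAC, SE])

print(security_report(CLIENT, HOST))
```

A report with START_TLS and ENCRYPT both false corresponds to the case the Telnet "Configure..." section warns about: the login may be authenticated, but the session data is not encrypted.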