With the -H option you can enable and disable support of the ENCRYPTION option, which is used to negotiate the encryption method and the key used. Currently only variants DES_CFB64 and DES_OFB64 of DES64 are supported in TELNET.
As only encryption routines from the OpenSSL library are used, you can specify this library - if its name is different from the default (SYSLNK.TCP-IP-AP.nnn) - with the aid of the -Z OpenSSLlibname option (see "-Z OpenSSLlibName - Define an LMS file for an OpenSSL library").
The -H option is only effective if the -Z tls-required or -A on option is not specified at the same time.
Alternatively you can also select that the ENCRYPTION option should be supported using the TELNET client command encrypt (see "encrypt - Enable/disable ENCRYPTION option").
-H |
on | off | debug | key <x-string 1..16> |
on
An encryption method and a key are negotiated.
off
No encryption method and no key are negotiated.
off is the default.
debug
The encryption trace is enabled.
key <x-string 1..16>
Encryption key for DES
Note that no distinction is made between the key for encryption and the key for decryption. The TELNET client and TELNET server use the same key.