- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- SFTP Client (VMS) and RSA key
Operating System - OpenVMS
1752807
Members
6214
Online
108789
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2011 07:44 AM
тАО03-30-2011 07:44 AM
SFTP Client (VMS) and RSA key
I have been given a public RSA key (in text form BEGIN RSA PRIVATE KEY .... END RSA PRIVATE KEY). VMS SFTP is the client to connect to a server external to my company using this key to secure a file transmission (replace current FTP process).
Is there a one-time import of the key to my VMS system? If so, what SFTP/SSH syntax is used to import/configure?
Most documentation I have read, including http://h71000.www7.hp.com/openvms/products/ssh/ssh.pdf speak intensely about setting up SSH server and generating key pairs. In my case, I was given the public key and an address to transmit to.
A unix SFTP example was to me. I will try this same syntax when the RSA key has been delt with.
sftp -oPort=22 username@serveripaddress
Thanks,
John
- OpenVMS 8.3
- SSH Secure Shell OpenVMS (V5.5) 3.2.0
- HP TCP/IP Services for OpenVMS Alpha Version V5.6 - ECO 5
Is there a one-time import of the key to my VMS system? If so, what SFTP/SSH syntax is used to import/configure?
Most documentation I have read, including http://h71000.www7.hp.com/openvms/products/ssh/ssh.pdf speak intensely about setting up SSH server and generating key pairs. In my case, I was given the public key and an address to transmit to.
A unix SFTP example was to me. I will try this same syntax when the RSA key has been delt with.
sftp -oPort=22 username@serveripaddress
Thanks,
John
- OpenVMS 8.3
- SSH Secure Shell OpenVMS (V5.5) 3.2.0
- HP TCP/IP Services for OpenVMS Alpha Version V5.6 - ECO 5
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2011 08:10 AM
тАО03-30-2011 08:10 AM
Re: SFTP Client (VMS) and RSA key
> I have been given a public RSA key
Have them check again... looks like they gave you the private half of the key-pair.
Given an SECSH format public key, you'll want to copy that text to a file located in your [.SSH2] directory. The file should be owned by the parent and have a protection mask (RWED,RWED,RE,). The file should also be STMLF format with CR carriage control. You'll also want to create a file named AUTHORIZATION. in the same [.SSH2] directory with the same ownership/protection attributes as the public key file. In that file you'll want to have a directive authorizing this public key by filename. F. ex. a file name whatever.pub would require the following directive
key WHATEVER.pub
I suspect that not only have you been given a private key, but that the format is OpenSSH rather than the SECSH format the VMS needs. So, in addition to requesting the public key, ask that they generate it in SECSH format. If they're not familiar with SECSH format keys have them use google to search for "ssh secsh key format" or somesuch and they'll get numerous hits - this one might help - http://www.grok.org.uk/docs/ssh.html .
Have them check again... looks like they gave you the private half of the key-pair.
Given an SECSH format public key, you'll want to copy that text to a file located in your [.SSH2] directory. The file should be owned by the parent and have a protection mask (RWED,RWED,RE,). The file should also be STMLF format with CR carriage control. You'll also want to create a file named AUTHORIZATION. in the same [.SSH2] directory with the same ownership/protection attributes as the public key file. In that file you'll want to have a directive authorizing this public key by filename. F. ex. a file name whatever.pub would require the following directive
key WHATEVER.pub
I suspect that not only have you been given a private key, but that the format is OpenSSH rather than the SECSH format the VMS needs. So, in addition to requesting the public key, ask that they generate it in SECSH format. If they're not familiar with SECSH format keys have them use google to search for "ssh secsh key format" or somesuch and they'll get numerous hits - this one might help - http://www.grok.org.uk/docs/ssh.html .
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2011 08:22 AM
тАО03-30-2011 08:22 AM
Re: SFTP Client (VMS) and RSA key
John,
if you are going to connect to the remote server, then it looks as though they want you to use this private key as your identification.
Allowing for the format issues mentioned above by Jim, you will want to place the private key in your [.ssh2] directory and add the following entry to [.ssh2]identification.
IdKey filename
where filename is the filename you have stored the private key in.
When your VMS system attempts to connect to the remote server, it will present this key as your credentials. They will then authenticate you against the public key which they already have.
Duncan
if you are going to connect to the remote server, then it looks as though they want you to use this private key as your identification.
Allowing for the format issues mentioned above by Jim, you will want to place the private key in your [.ssh2] directory and add the following entry to [.ssh2]identification.
IdKey filename
where filename is the filename you have stored the private key in.
When your VMS system attempts to connect to the remote server, it will present this key as your credentials. They will then authenticate you against the public key which they already have.
Duncan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2011 01:09 PM
тАО03-30-2011 01:09 PM
Re: SFTP Client (VMS) and RSA key
John,
Sounds like they've given you the wrong half! The first and last lines of the file should look like:
BEGIN RSA PUBLIC KEY
END RSA PUBLIC KEY
Once you have the public half (and hopefully they will regenerate the pair and NOT disclose the private half to you), you may need to fiddle with the file format.
Make sure the physical record terminators match the record format. For example, if the file comes from a PC with terminators, the RMS record attribute must be STREAM (not STREAM_LF). I think I've also had to CONVERT files from VAR to STREAM_LF. Otherwise, the key file format should be compatible.
Sounds like they've given you the wrong half! The first and last lines of the file should look like:
BEGIN RSA PUBLIC KEY
END RSA PUBLIC KEY
Once you have the public half (and hopefully they will regenerate the pair and NOT disclose the private half to you), you may need to fiddle with the file format.
Make sure the physical record terminators match the record format. For example, if the file comes from a PC with
A crucible of informative mistakes
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP