- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: SFTP setup summary
Operating System - OpenVMS
1760942
Members
5332
Online
108895
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-13-2011 04:50 AM
тАО05-13-2011 04:50 AM
SFTP setup summary
I have spent some time recently trying to understand how to create private/public keys. This is a summary of my understanding which may be of use to others.
Configuration for password-less communication between user a1 on VMS host v1 to user a2 on VMS host v2 using private/public key pairs.
1. sftp to both a1@v1 and a2@v2. This will create the [.ssh2] directory correctly.
2. in user a1 directory ssh2
$ @SYS$MANAGER:TCPIP$DEFINE_COMMANDS.COM
$ ssh_keygen "-P"
This produces private key ID_DSA_2048_A. and public key ID_DSA_2048_A.PUB
$ rename ID_DSA_2048_A. a1_v1.
$ rename ID_DSA_2048_A.PUB a1_v1.pub
$ set prot=w:r A.PUB a1_v1.pub ! Everybody can read public key
$ set prot=(g,w) A.PUB a1_v1. ! Private key remains private
$ create IDENTIFICATION.
Idkey ID_DSA_02048_A
$ create AUTHORIZATION.
KEY A2_V2.PUB
$ copy/ftp a1_v1.pub v2"a2 password"::[.ssh2]
3. repeat correspondingly for user a2
4. Now sftp should work in both directions
from a1
$ sftp a2@v2
From a2
$ sftp a1@v1
NB IDENTIFICATION. Is users private key (no '.')
AUTHORIZATION. Is list of strangers public keys
Comunication between a1 on VMS host v1 to a3 on Unix host u1
1. in a3
~> cd .ssh
~/.ssh> ssh-keygen -t rsa
This produces private key id_rsa and public key id_rsa.pub
2. convert public key to vms format
ssh-keygen -e -f key id_rsa.pub > a3_u1.pub
3. ftp a3_u1.pub to a1 directory ssh2
4. ftp a1_v1.pub from user a1 to .ssh as a1_v1.pub_vms
5. convert to OpenSSH format
Ssh_keygen -i -f a1_v1.pub_vms > a1_v1.pub
6. Add to authorized keys
Cat a1_v1.pub authorized_keys
7. sftp should now work
Sftp a1@v1
8. Repeat for user a2 on v2, but do
Cat a1_v1.pub a2_v2.pub > authorized_keys
9. In user a1 on host v1 append the line 'KEY a3_u1.PUB' to AUTHORIZATION.
10 sftp should now work
Sftp a3@u1
Configuration for password-less communication between user a1 on VMS host v1 to user a2 on VMS host v2 using private/public key pairs.
1. sftp to both a1@v1 and a2@v2. This will create the [.ssh2] directory correctly.
2. in user a1 directory ssh2
$ @SYS$MANAGER:TCPIP$DEFINE_COMMANDS.COM
$ ssh_keygen "-P"
This produces private key ID_DSA_2048_A. and public key ID_DSA_2048_A.PUB
$ rename ID_DSA_2048_A. a1_v1.
$ rename ID_DSA_2048_A.PUB a1_v1.pub
$ set prot=w:r A.PUB a1_v1.pub ! Everybody can read public key
$ set prot=(g,w) A.PUB a1_v1. ! Private key remains private
$ create IDENTIFICATION.
Idkey ID_DSA_02048_A
$ create AUTHORIZATION.
KEY A2_V2.PUB
$ copy/ftp a1_v1.pub v2"a2 password"::[.ssh2]
3. repeat correspondingly for user a2
4. Now sftp should work in both directions
from a1
$ sftp a2@v2
From a2
$ sftp a1@v1
NB IDENTIFICATION. Is users private key (no '.')
AUTHORIZATION. Is list of strangers public keys
Comunication between a1 on VMS host v1 to a3 on Unix host u1
1. in a3
~> cd .ssh
~/.ssh> ssh-keygen -t rsa
This produces private key id_rsa and public key id_rsa.pub
2. convert public key to vms format
ssh-keygen -e -f key id_rsa.pub > a3_u1.pub
3. ftp a3_u1.pub to a1 directory ssh2
4. ftp a1_v1.pub from user a1 to .ssh as a1_v1.pub_vms
5. convert to OpenSSH format
Ssh_keygen -i -f a1_v1.pub_vms > a1_v1.pub
6. Add to authorized keys
Cat a1_v1.pub authorized_keys
7. sftp should now work
Sftp a1@v1
8. Repeat for user a2 on v2, but do
Cat a1_v1.pub a2_v2.pub > authorized_keys
9. In user a1 on host v1 append the line 'KEY a3_u1.PUB' to AUTHORIZATION.
10 sftp should now work
Sftp a3@u1
- Tags:
- sftp
2 REPLIES 2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-13-2011 08:16 AM
тАО05-13-2011 08:16 AM
Re: SFTP setup summary
> [...] Unix host [...]
> [...] OpenSSH [...]
The details may vary according to which
UNIX(-like) OS and SSH software are involved.
Tru64, for example, may use the same key
format as VMS.
> ~/.ssh> ssh-keygen -t rsa
Any reason to select RSA here, but DSA on the
VMS system?
> 6. Add to authorized keys
> Cat a1_v1.pub authorized_keys
"Add to" would look more like:
cat a1_v1.pub >> authorized_keys
And "Cat" and "cat" are not the same things
in a typical UNIX(-like) environment. Same
for "Ssh_keygen" and "ssh-keygen".
> 8. Repeat for user a2 on v2, but do
> Cat a1_v1.pub a2_v2.pub > authorized_keys
Again, ">>", unless you wish to lose any
existing content in "authorized_keys".
That new copy+paste technology I've read
about is supposed to be able to help reduce
transcription errors in situations like this.
> [...] OpenSSH [...]
The details may vary according to which
UNIX(-like) OS and SSH software are involved.
Tru64, for example, may use the same key
format as VMS.
> ~/.ssh> ssh-keygen -t rsa
Any reason to select RSA here, but DSA on the
VMS system?
> 6. Add to authorized keys
> Cat a1_v1.pub authorized_keys
"Add to" would look more like:
cat a1_v1.pub >> authorized_keys
And "Cat" and "cat" are not the same things
in a typical UNIX(-like) environment. Same
for "Ssh_keygen" and "ssh-keygen".
> 8. Repeat for user a2 on v2, but do
> Cat a1_v1.pub a2_v2.pub > authorized_keys
Again, ">>", unless you wish to lose any
existing content in "authorized_keys".
That new copy+paste technology I've read
about is supposed to be able to help reduce
transcription errors in situations like this.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-16-2011 05:07 AM
тАО05-16-2011 05:07 AM
Re: SFTP setup summary
Just for general info
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP