- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: RSH between OpenVMS machines without password
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2011 03:06 AM
08-19-2011 03:06 AM
Hello people, first of all, I'm not an OpenVMS expert. What I'm trying to do is quite simple on Linux, but I'm stuck on OpenVMS.
I want use RSH between two OpenVMS machines (one V7.,2 and other one V8.3-1H1) WHITHOUT USING A PASSWORD. This because I need to execute a remote script, but I don't want "share" the password in the main script.
RSH works fine on te source machine, but, for sure ask me for a password.
The simple question is, is there a way to avoid password request?
Thanks
Solved! Go to Solution.
- Tags:
- rsh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2011 05:22 AM - edited 08-19-2011 05:24 AM
08-19-2011 05:22 AM - edited 08-19-2011 05:24 AM
Re: RSH between OpenVMS machines without password
Use ssh (details here), not rsh. ssh can do remote logins and can also execute single commands, and certificate-based no-password or passphrase-based logins. And FWIW, rsh, telnet, ftp and related are old, and lack any form of security; these tools expose your credentials. (If the security of your authentication credentials is a concern, then these older protocols are Bad News.)
If security isn't a particular concern and you have a DECnet connection (whether DDCMP or DECnet-Plus / DECnet Phase V over IP) between these systems, then you can use DECnet and DCL and proxies. No need for ssh nor rsh or related. Somewhat simpler (but also somewhat less capable) is SUBMIT /REMOTE command.
More advanced are distributed task management tools; task and batch and process schedulers. VMS lacks basic scheduling tools, but there are add-on tools that can potentially allow you to reach your general goals here. And an intermediate step up from the SUBMIT /REMOTE command is the HP DQS package; the distributed queue services package.
edit: The link color scheme here really obscures the embedded links, too.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2011 06:37 AM
08-19-2011 06:37 AM
Re: RSH between OpenVMS machines without password
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2011 08:59 AM - edited 08-19-2011 09:00 AM
08-19-2011 08:59 AM - edited 08-19-2011 09:00 AM
Re: RSH between OpenVMS machines without password
Thanks for reply, SSH could be the solution, however the security is not important in my case since both machines are in the same LAN behind a multiple firewalls!
The problem is that in the source machine there's no SSH client/server installation:
ABCD31:SYSTEM> ssh
%DCL-W-IVVERB, unrecognized command verb - check validity and spelling
\SSH\
Compaq TCP/IP Services for OpenVMS Server Components Configuration Menu Configuration options: 1 - BIND Disabled Stopped 12 - NTP Enabled Started 2 - BOOTP Disabled Stopped 13 - PC-NFS Disabled Stopped 3 - DHCP Disabled Stopped 14 - POP Disabled Stopped 4 - FINGER Disabled Stopped 15 - PORTMAPPER Disabled Stopped 5 - FTP Enabled Started 16 - RLOGIN Enabled Started 6 - IMAP Disabled Stopped 17 - RMT Disabled Stopped 7 - LBROKER Disabled Stopped 18 - SNMP Enabled Started 8 - LPR/LPD Disabled Stopped 19 - TELNET Enabled Started 9 - METRIC Disabled Stopped 20 - TFTP Disabled Stopped 10 - NFS Disabled Stopped 21 - XDM Disabled Stopped 11 - LOCKD/STATD Disabled Stopped A - Configure options 1 - 21 [E] - Exit menu
tcpip show version:
Compaq TCP/IP Services for OpenVMS Alpha Version V5.3 - ECO 2
on a AlphaServer ES40 running OpenVMS V7.3-1
Well, as already told I'm not OpenVMS expert, so, is there any way to "EASY" install SSH client/server protocol?
Also, Decnet is present between the machines, I already use it to copy files:
ABCD31:SYSTEM>COPY LOG.TXT BCDE41::$1$DKA101:[000000]LOG.TXT
Could you please advice on how execute remote script using decnet?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2011 09:13 AM
08-19-2011 09:13 AM
Re: RSH between OpenVMS machines without password
Since you have DECnet available you might want to look at the help for SUBMIT /REMOTE and also read up on DECnet proxies.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2011 09:28 AM
08-19-2011 09:28 AM
Re: RSH between OpenVMS machines without password
Another option for remote management is using SYSMAN.
$ MCR SYSMAN
> HELP SET ENVIRONMENT
> HELP DO
Sometimes mistaken for a cluster management option, sysman allows remote management of multiple stand alone nodes as well.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2011 10:23 AM - edited 08-19-2011 10:27 AM
08-19-2011 10:23 AM - edited 08-19-2011 10:27 AM
Re: RSH between OpenVMS machines without password
I linked to an example of the DCL you are requesting.
(And yes, the default link color scheme used in postings around here isn't as visible as it probably should be.)
Your TCP/IP Services version is too old to have ssh. There was an experimental version back then, but that'd very stale now, and vulnerable.
(Consider upgrading TCP/IP Services and/or VMS, too; a whole lot of the versions are undergoing support status transitions circa 1-Jan-2013, and V7.3-1 went off of support in 2005 or so.)
Firewalls aren't a panacea; it's fairly common for folks to use attack techniques that bypass or that drill through those these days. (And FWIW, the DEFCON SMG privilege bugs are likely present in that VMS version, too.)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2011 08:37 AM
08-20-2011 08:37 AM
Re: RSH between OpenVMS machines without password
Well, unfortunately I cannot upgrade the TCP stack since the machine is in prodution and cannot be stopped! :(
However, I tried the SUBMIT /REMOTE command and it works, the bad news is that I need to run a remote script that call another script. With RSH this works, but with SUBMIT this doesn't work.
I'll try SYSMAN environment to test if it works!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2011 09:47 AM - edited 08-20-2011 09:48 AM
08-20-2011 09:47 AM - edited 08-20-2011 09:48 AM
Re: RSH between OpenVMS machines without password
smsc_1,
with SUBMIT/REMOTE you submit a DCL procedure, which is existing on the remote node, to the default SYS$BATCH queue on the remote node with an implicit SUBMIT/NOKEEP. The batch job executes under the user, which is used for Decnet access, which could be the default DECnet account, the default FAL$USER account or the DECnet proxy account, if one exists matching the user and nodename from which the SUBMIT/REMOTE command has been executed.
You can certainly invoke sub-procedures from this procedure. You need to become aware of the account, under which the remote procedure executes and the login-directory for that account. If you add the following command into the DCL procedure, the .LOG file will not be printed and deleted: $ DEFINE SYS$PRINT NLA0:
Volker.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2011 11:12 AM
08-20-2011 11:12 AM
Re: RSH between OpenVMS machines without password
Thanks for your feedback Volker,
this is what I tried:
mainscript.com (on remote machine)
copy dka100:[log]test.log dka101:[000000]
Then execute it on local machine with:
SUBMIT /REMOTE ABCD::DKA101:[SCRIPTS]mainscript.com
This works fine, but if I add the following line on mainscript.com:
copy dka100:[log]test.log dka101:[000000]
@DKA101:[SCRIPTS]test.com
Well, again, the copy command works, but the test.com script was not executed.