Operating System - OpenVMS
1745837 Members
4303 Online
108723 Solutions
New Discussion юеВ

Re: Can any dcebugging be enabled on the tcp/ip services SSHD?

 
SOLVED
Go to solution
Tom O'Toole
Respected Contributor

Can any dcebugging be enabled on the tcp/ip services SSHD?


I'm trying to get info about a problem SSHing to tcpip services using pki from a multinet 5.2 client, which is looping when run non-interactively. I haven't found how to enable any debugging in the doc. THanks!
Can you imagine if we used PCs to manage our enterprise systems? ... oops.
7 REPLIES 7
Tom O'Toole
Respected Contributor

Re: Can any dcebugging be enabled on the tcp/ip services SSHD?


Sorry, I meant pka (public key authentication).

This worked perfectly in the multinet 5.1 client.
Can you imagine if we used PCs to manage our enterprise systems? ... oops.
Hoff
Honored Contributor

Re: Can any dcebugging be enabled on the tcp/ip services SSHD?

The usual knob for debugging these cases (and in increasing order of detail logged) uses the -v option:

ssh -v
ssh -vv
ssh -vvv

and the usual ssh PKE faults tend to involve differences in the key algorithms selected or available on the client or the server, or differences (or incompatibilities) in the RMS file formats of the keys between the client and the server.

A looping client implies a code problem (regardless), so -- once you've ruled out your own code around this -- I'd go look for a patch for Multinet as a start. If you're not sure of your local code, post up the DCL and post up the public key. (Or generate a test-only public/private and post that.)
Tom O'Toole
Respected Contributor

Re: Can any dcebugging be enabled on the tcp/ip services SSHD?


Thanks, I did a bunch of client level debugging and sent output to the vendor - The client debugging pretty much provides the complete conversaion, but they are asking for server info now, as they can't reproduce it (although it sure does look like a multinet problem to me).

It seems to be something with the non-interactive (batch job) - it works fine when the batch procedure (which just consists of a couple of ssh commands), but prints out a warning (read qio failed, device is not a terminal) - then the second ssh command in that procedure loops - weird eh?

Do you know if there's any logging options for the server I can use?
Can you imagine if we used PCs to manage our enterprise systems? ... oops.
Tom O'Toole
Respected Contributor

Re: Can any dcebugging be enabled on the tcp/ip services SSHD?


I can't write worth anything... I meant it works fine when run interactive, when a batch job - that when it generates the warning and start to loop.
Can you imagine if we used PCs to manage our enterprise systems? ... oops.
Tom O'Toole
Respected Contributor

Re: Can any dcebugging be enabled on the tcp/ip services SSHD?


I need more coffee, you'd never know English is my first language...:-)
Can you imagine if we used PCs to manage our enterprise systems? ... oops.
Hoff
Honored Contributor
Solution

Re: Can any dcebugging be enabled on the tcp/ip services SSHD?

Debugging the TCP/IP Services ssh daemon?

The manual:

http://h71000.www7.hp.com/doc/83final/BA548_90007/BA548_90007.PDF

The relevant page:

28.
Tom O'Toole
Respected Contributor

Re: Can any dcebugging be enabled on the tcp/ip services SSHD?


Thanks - it's there, I just wasn't finding it...!
Can you imagine if we used PCs to manage our enterprise systems? ... oops.