Operating System - OpenVMS
cancel
Showing results for 
Search instead for 
Did you mean: 

Detecting SSH Connections in LOGIN.COM

 
SOLVED
Go to solution
Highlighted
Jack Trachtman
Super Advisor

Detecting SSH Connections in LOGIN.COM

I'd like to differentiate between a Telnet vs an SSH connection within LOGIN.COM

So far, I see that Telnet connections assign a TN device, while SSH assigns an FT device, but FT can also represent other "virtual?" devices, so this won't work.

I've worked out a massively kludgey method where:

1) translate SYS$REM_NODE_FULLNAME to get remote node name

2) use TCPIP SHOW HOST to convert name to IP address

3) PIPE TCPIP SHO DEV | ( SEARCH SYS$PIPE ip-address ; @script-to-look-for-string-SSH-and-port#-22 )

There's gotta be some way simpler way. A F$GETDEV("TT","some-param") maybe?

???

TIA
5 REPLIES 5
Chris Barratt
Frequent Advisor
Solution

Re: Detecting SSH Connections in LOGIN.COM

Hi Jack,

This is how we do it.

$ term = f$getjpi(0,"TERMINAL")
$ if (term .eqs. "") .or. (f$length(term) .le. 3)
$ then exit
$ endif
$ if f$extract(0,3,term) .nes. "FTA" then exit ! SSH terminals are FTA devices
$ if .not. f$getdvi(term,"TT_SECURE") then exit ! but so are Decterm ones, so check the SECURE attrib of term

Seems to do the trick.
Cheers,
Chris
Steven Schweda
Honored Contributor

Re: Detecting SSH Connections in LOGIN.COM

Compare: F$GETDVI( "TT:", "TT_ACCPORNAM")
John Gillings
Honored Contributor

Re: Detecting SSH Connections in LOGIN.COM

Jack,

I'd check:
1) non-null SYS$REM_NODE
2) F$GETDVI("TT","DEVCLASS") = DC$_TERM (66).
3) F$GETDVI("TT","TT_SECURE")

I'm fairly sure all 3 will only be true for an SSH connection.

You could also check F$MODE(), but I'm not sure if it would add any value.
A crucible of informative mistakes
Richard Whalen
Honored Contributor

Re: Detecting SSH Connections in LOGIN.COM

If the system is running MultiNet, TCPware or Process Software's SSH for TCP/IP Services
then the following is the best way to tell:
Look for "ssh/" in the first part of tt_accpornam, as in:

$ write sys$output f$getdvi("tt:","tt_accpornam")
ssh/foo.bar.com:2338

Check the logical MULTINET_KERNEL_BASE_ADDRESS to determine if MultiNet is running.
Check for the logical TCPWARE_NETCP_MBX to determine if TCPware is running.
Jack Trachtman
Super Advisor

Re: Detecting SSH Connections in LOGIN.COM

Thanks - TT_SECURE was what I needed!