HPE Community
Operating System - OpenVMS
1751893 Members
5086 Online
108783 Solutions
New Discussion

Re: SSH Server Limiting Logins To One

 
SOLVED
Go to solution
Rick Dyson
Valued Contributor

‎02-23-2012 07:23 PM

‎02-23-2012 07:23 PM

SSH Server Limiting Logins To One

I have an AlphaServer running OpenVMS v8.3 patched to current kits and TCP/IP v5.7 ECO 2 (I believe most recent?) and am using SSHd.  I have found that only ONE session can be connected to the server at a time.  I can Set Host many times with an SSH as well, but that is all.  Telnet is disabled.  When a SSH session is connected, another one attempted fails with "warning: Authentication failed."

 

The only non-default config value I use is the Port is not at 22.  I am using the [TCPIP$SSH.SSH2]]sshd2_config. file.  I did find a config option for "MaxConnections" that was not defined explicitly.  I have tried making it a value like 10 with no impact.

 

Anyone else ever seen this problem?

 

Rick

0 Kudos
Reply
7 REPLIES 7
Steven Schweda
Honored Contributor

‎02-23-2012 09:45 PM

‎02-23-2012 09:45 PM

Re: SSH Server Limiting Logins To One

 
0 Kudos
Reply
Maurizio De Tommaso_
HPE Pro

‎02-24-2012 12:04 AM

‎02-24-2012 12:04 AM

Re: SSH Server Limiting Logins To One

TCP/IP V5.7ECO3 is the latest patch kit for the OpenVMS ip Stack (Aplha and Integrity platforms).

 

Can you post the output of the following command ?

 

$ tcpip show service ssh /full

 

 

[ I am a HPE Employee and an OpenVMS Ambassador ]
0 Kudos
Reply
Duncan Morris
Honored Contributor

‎02-24-2012 12:17 AM

‎02-24-2012 12:17 AM

Solution

Re: SSH Server Limiting Logins To One

Hi Rick,

 

is your problem that only one SSH connection is accepted on the server  from multiple sources, or that YOU can only make a single SSH connection to your server?

 

There is a problem with Reflections and multiple logins from the same source, which can be addressed by changing an option on the SSH client:

 

> The SSH-server on the host is not capable of combining
> authentication for multiple sessions. Please uncheck the
> option 'Reuse Sessions' as shown in the screenshot below.
> You can find it in the Security settings of your session file

If this is not your issue, then the output requested by Maurizio will be informative. Around here, I see

 

$ tcpip show servi ssh/fu

Service: SSH
                           State:     Enabled
Port:               22     Protocol:  TCP             Address:  0.0.0.0
Inactivity:          5     User_name: TCPIP$SSH       Process:  TCPIP$SSH
Limit:              25     Active:        0           Peak:         1

 

 


Duncan

0 Kudos
Reply
Rick Dyson
Valued Contributor

‎02-24-2012 04:42 AM

‎02-24-2012 04:42 AM

Re: SSH Server Limiting Logins To One

You found it.  The Limit in the service is set to 1!  I did not change anything in the SSH config.  Is this default?  I have I64 boxes with v8.3-1H1 and TCPIP v5.7 too that were not like that. I will dig around.

 

If I use an SSH client from somewhere, I could not connect anymore SSH sessions, though I was able to "Set Host" from other local VMS boxes as many more times as I tried.  I am the only user of this new build system so it was all done with just probably my account only.

 

SSHd is the SSH server that TCPIP Services for OpenVMS uses as the "SSH Server"

 

$ tcpip show service ssh /full
 
Service: SSH
                           State:     Enabled
Port:             1022     Protocol:  TCP             Address:  0.0.0.0
Inactivity:          5     User_name: TCPIP$SSH       Process:  TCPIP$SSH
Limit:               1     Active:        1           Peak:         1
 
File:         TCPIP$SYSTEM:TCPIP$SSH_RUN.COM
Flags:        Listen
 
Socket Opts:  Rcheck Scheck
 Receive:            0     Send:               0
 
Log Opts:     None
 File:        not defined
 
Security
 Reject msg:  not defined
 Accept host: 0.0.0.0
 Accept netw: 0.0.0.0

 

Thank you all who pointed here to look.  I guess the config file value of undefined or even explicitly defined of 10 is not used.

 

rick

0 Kudos
Reply
Steven Schweda
Honored Contributor

‎02-24-2012 05:33 AM

‎02-24-2012 05:33 AM

Re: SSH Server Limiting Logins To One

 
0 Kudos
Reply
Duncan Morris
Honored Contributor

‎02-24-2012 07:19 AM

‎02-24-2012 07:19 AM

Re: SSH Server Limiting Logins To One

Steven,

 

the limit is set to 10000 in TCPIP$CONFIG.COM for TCPIP V5.7 ECO3 on IA64 and AXP

 

I suffered from the script kiddies in the past, and so reduced the limit on my internet facing personal servers.

 

Duncan

0 Kudos
Reply
Steven Schweda
Honored Contributor

‎02-24-2012 08:22 AM

‎02-24-2012 08:22 AM

Re: SSH Server Limiting Logins To One

 
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.