- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: SSH and ACME
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-20-2008 03:23 AM
тАО03-20-2008 03:23 AM
However, I found a Document somewhere in HP saying:
>> SSH 5.5 ECO1 and prior versions do not
>> support external password authentication.
(http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c00639632-2)
Now, I cannot find any hint that this has changed for the current versions (VMS V8.3, TCP/IP V5.6-9ECO2). I even think to remember having seen a more recent mentioning of this problem in this forum, but I'm not able to locate it.
Does anyone have some more information about this?
Edwin
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-20-2008 04:23 AM
тАО03-20-2008 04:23 AM
Solutionsee this entry from about 2 months ago:
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1197550
Converting various TCP/IP Services components (IMAP, POP, PCNFS, XDM, and yes, SSH) to use the $ACM system service for password authentication is on the worklist for a future release
Volker.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-20-2008 04:36 AM
тАО03-20-2008 04:36 AM
Re: SSH and ACME
VMS Authentication Module
http://www.process.com/VMSauth/index.html
From the SPD:
VAM supports the following operating
system versions:
* OpenVMS VAX V7.3
* OpenVMS Alpha V6.2 and higher
* OpenVMS I64 V8.2 and higher
VAM supports the following TCP/IP
stacks and versions:
* MultiNet V4.4 and later
* TCPware V5.6-2 and later
* TCP/IP Services v4.0 (plus ECO v5)
or later
Cheers,
Art
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-20-2008 05:04 AM
тАО03-20-2008 05:04 AM
Re: SSH and ACME
Many thanks. That's exactly the entry I was after. Somehow I missed it with whatever keywords I was trying.
Art,
I don't see how this can help me if SSH does not use the right hooks.
Edwin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-20-2008 05:22 AM
тАО03-20-2008 05:22 AM
Re: SSH and ACME
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-21-2008 04:09 AM
тАО03-21-2008 04:09 AM
Re: SSH and ACME
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-21-2008 05:34 AM
тАО03-21-2008 05:34 AM
Re: SSH and ACME
So without a third-party solution, you cannot use AD Authentication?
HP offers several solutions:
1. Use Advanced Server for OpenVMS to provide NTLM authentication for ExtAuth users. Using Advanced Server for ExtAuth involves no cost - it's absolutely free. But Advanced Server doesn't run on Itanium systems.
However, if an Itanium system is in a cluster with an Alpha running Advanced Server, the Itanium system can send the ExtAuth requests to the Alpha for processing (the necessary IA64 ACME modules are in sys$library: on the Alpha and the command procedure to load the acme modules on the itanium is in sys$startup: on the Alpha; these need to be copied to the Itanium and then the logical name PWRK$ACME_SERVER needs to be defined on the Itanium to the SCSNODE name of the Alpha(s)). See the release notes for Advanced Server v7.3B for more information.
2. Use LDAP. OpenVMS 8.3 (Alpha and Itanium) and later provide the ability (with the right kits installed ;o), to use LDAP for ExtAuth. Authentication can be directed to an Active Directory server or an HP Enterprise Directory server (and possible any of the Linux LDAP adaptations, though I'm not sure that's officially supported yet). See:
http://h71000.www7.hp.com/openvms/security.html#ldap
3. Use Kerberos. See:
http://h71000.www7.hp.com/doc/83final/BA554_90008/ch02s09.html?jumpid=reg_R1002_USEN
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-24-2008 10:59 PM
тАО03-24-2008 10:59 PM
Re: SSH and ACME
As mentioned by Volker, your second 'solution' does not really work - at least not with the heavily used SSH.
Would be intresting to figure out wether SSH would work with the Advanced Server, but I doubt because it is said not to use the right entry points.
Anyway, I will close this thread. For us there is not enough benefit to go for a costly third party solution.
Edwin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-24-2008 11:00 PM
тАО03-24-2008 11:00 PM