SSH key generation problem.

 
SOLVED
mikew_3
Advisor

SSH key generation problem.

I am trying to get SSH setup done on a VMS machine. I noticed that keys were not generated as part of the setup. When I try to execute ssh_keygen I get the following message:

IBAV02_MIKEW> ssh_keygen
$1$dka0:[sys0.syscommon.][sysexe]tcpip$ssh_ssh-keygen2.exe: FATAL: ssh_userfile_
open: using non-current uid but not initialized (uid=65540, path=/sys$sysdevice/
cgi/mikew/ssh2/random_seed.)
IBAV02_MIKEW>

Can someone tell me what I need to do to fix this?

Here is my version of TCPIP:

IBAV02_MIKEW> tcpip sho version

HP TCP/IP Services for OpenVMS Industry Standard 64 Version V5.5
on an HP rx2620 (1.60GHz/3.0MB) running OpenVMS V8.2-1

IBAV02_MIKEW>

Any help would be appreciated.

Thanks,
Michael White


17 REPLIES
Wim Van den Wyngaert
Honored Contributor

Re: SSH key generation problem.

Don't have that product but could you try it after removing ssh2 dir and creating a new one with the correct owner ?

Wim
mikew_3
Advisor

Re: SSH key generation problem.

Thanks for the reply. I'm not sure what you mean by correct owner. I renamed the SSH2 directory and created a new SSH2 directory and got the same result. Owner shows up as the same. Protection on the directories is a little different. old_ssh2.dir is the old one that I renamed.

IBAV02_MIKEW> dir/fu old_ssh2.dir

Directory SYS$SYSDEVICE:[CGI.MIKEW]

OLD_SSH2.DIR;1 File ID: (25470,2,0)
Size: 1/16 Owner: [1,4]
Created: 21-AUG-2008 13:58:54.48
Revised: 9-SEP-2008 10:29:20.65 (2)
Expires:
Backup:
Effective:
Recording:
Accessed:
Attributes:
Modified:
Linkcount: 1
File organization: Sequential
Shelved state: Online
Caching attribute: Writethrough
File attributes: Allocation: 16, Extend: 0, Global buffer count: 0
Default version limit: 4, Contiguous, MoveFile disabled
Directory file
Record format: Variable length, maximum 512 bytes, longest 512 bytes
Record attributes: No carriage control, Non-spanned
RMS attributes: None
Journaling enabled: None
File protection: System:RWED, Owner:RWED, Group:, World:
Access Cntrl List: None
Client attributes: None

Total of 1 file, 1/16 blocks.
IBAV02_MIKEW>


IBAV02_MIKEW> dir/fu ssh2.dir

Directory SYS$SYSDEVICE:[CGI.MIKEW]

SSH2.DIR;1 File ID: (25493,238,0)
Size: 1/16 Owner: [1,4]
Created: 9-SEP-2008 10:29:28.28
Revised: 9-SEP-2008 10:29:28.28 (0)
Expires:
Backup:
Effective:
Recording:
Accessed:
Attributes:
Modified:
Linkcount: 1
File organization: Sequential
Shelved state: Online
Caching attribute: Writethrough
File attributes: Allocation: 16, Extend: 0, Global buffer count: 0
Default version limit: 4, Contiguous, MoveFile disabled
Directory file
Record format: Variable length, maximum 512 bytes, longest 512 bytes
Record attributes: No carriage control, Non-spanned
RMS attributes: None
Journaling enabled: None
File protection: System:RWE, Owner:RWE, Group:RE, World:E
Access Cntrl List: None
Client attributes: None

Total of 1 file, 1/16 blocks.
IBAV02_MIKEW>



Thanks in advance for any help.

mikew_3
Advisor

Re: SSH key generation problem.

Something else that I noticed. The ssh_keygen process creates the random_seed file if it doesn't exist. See below:


IBAV02_MIKEW> sd
SYS$SYSDEVICE:[CGI.MIKEW.SSH2]
IBAV02_MIKEW>
IBAV02_MIKEW> dir
%DIRECT-W-NOFILES, no files found
IBAV02_MIKEW>
IBAV02_MIKEW> sho time
9-SEP-2008 10:38:42
IBAV02_MIKEW> ssh_keygen
$1$dka0:[sys0.syscommon.][sysexe]tcpip$ssh_ssh-keygen2.exe: FATAL: ssh_userfile_
open: using non-current uid but not initialized (uid=65540, path=/sys$sysdevice/
cgi/mikew/ssh2/random_seed.)
IBAV02_MIKEW>
IBAV02_MIKEW> dir/d/siz=all

Directory SYS$SYSDEVICE:[CGI.MIKEW.SSH2]

RANDOM_SEED.;1 0/0 9-SEP-2008 10:38:53.01

Total of 1 file, 0/0 blocks.
IBAV02_MIKEW>
IBAV02_MIKEW> sho time
9-SEP-2008 10:39:01
IBAV02_MIKEW>


Steven Schweda
Honored Contributor

Re: SSH key generation problem.

I haven't seen that one.

SYS$SYSDEVICE:[cgi.mikew] is your SYS$LOGIN
(home) directory? And you have write
permission there (and in/for [.ssh2])?

Normally, a (small, non-text) random_seed
file gets created there. Who owns yours (if
you have one)?

alp $ dire /owne /secu [.ssh2]ran*

Directory ALP$DKA0:[SMS.SSH2]

RANDOM_SEED.;1 [SMS] (RWD,RWD,,)

Total of 1 file.
Steven Schweda
Honored Contributor

Re: SSH key generation problem.

> RANDOM_SEED.;1 0/0 9-SEP-2008 10:38:53.01

Small, but not _that_ small:

alp $ dire /owne /secu /size [.ssh2]ran*

Directory ALP$DKA0:[SMS.SSH2]

RANDOM_SEED.;1 1 [SMS] (RWD,RWD,,)

Total of 1 file, 1 block.
mikew_3
Advisor

Re: SSH key generation problem.

Yes, that is my login directory:

IBAV02_MIKEW> sho log sys$login
"SYS$LOGIN" = "SYS$SYSDEVICE:[CGI.MIKEW]" (LNM$JOB_87702000)
IBAV02_MIKEW>

Here is the dir listing of the random_seed file:

IBAV02_MIKEW> dir/fu RANDOM_SEED.;1

Directory SYS$SYSDEVICE:[CGI.MIKEW.SSH2]

RANDOM_SEED.;1 File ID: (25500,174,0)
Size: 0/0 Owner: [1,4]
Created: 9-SEP-2008 10:38:53.01
Revised: 9-SEP-2008 10:38:53.04 (1)
Expires:
Backup:
Effective:
Recording:
Accessed:
Attributes:
Modified:
Linkcount: 1
File organization: Sequential
Shelved state: Online
Caching attribute: Writethrough
File attributes: Allocation: 0, Extend: 0, Global buffer count: 0
Version limit: 4
Record format: Stream_LF, maximum 0 bytes, longest 32767 bytes
Record attributes: Carriage return carriage control
RMS attributes: None
Journaling enabled: None
File protection: System:RWD, Owner:RWD, Group:, World:
Access Cntrl List: None
Client attributes: None

Total of 1 file, 0/0 blocks.
IBAV02_MIKEW>

Steven Schweda
Honored Contributor

Re: SSH key generation problem.

> Size: 0/0 Owner: [1,4]

[1,4]? I own my own, as you can see.

Also:

> open: using non-current uid but not initialized (uid=65540,

Note that 65540 = 65536 * 1 + 4, that is,
[1,4] in UNIX-compatible C RTL crypto-speak.

I don't know how you're getting ssh2.dir
owned by SYSTEM instead of yourself. Make
one yourself, perhaps?
Steven Schweda
Honored Contributor

Re: SSH key generation problem.

> > [1,4]? I own my own, as you can see.

Well, you could see that I owned my own
random_seed, but it's true for ssh2.dir, too:

alp $ dire /owne /secu ssh2

Directory ALP$DKA0:[SMS]

SSH2.DIR;1 [SMS] (RWED,RWED,RE,E)

Total of 1 file.
mikew_3
Advisor

Re: SSH key generation problem.

I created the SSH2 dir manually and set owner as [1,4].

I looked at my user account in Authorize and this is how my UIC is listed:

UAF> sho mikew

Username: MIKEW Owner: SYSTEM MANAGER
Account: SYSTEM UIC: [3,2] ([SYSTEM])
CLI: DCL Tables: DCLTABLES
Default: SYS$SYSDEVICE:[CGI.MIKEW]
LGICMD:


If I then look at the SYSTEM account it is listed as [1,4].

Do you think the UIC on my account is the problem?

I manually did this command on the SSH2 directory.

set file/owner=[3,2] ssh2.dir

Now the directory lists the owner as system:

IBAV02_MIKEW> dir/d/siz=all/owner ssh2.dir

Directory SYS$SYSDEVICE:[CGI.MIKEW]

SSH2.DIR;1 1/16 9-SEP-2008 10:29:28.28 [SYSTEM]


Total of 1 file, 1/16 blocks.
IBAV02_MIKEW>

Do you think this is the problem? How can I correct this?

Thanks again for everyone's help.
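
Added example, not part of any post in this thread: a small Python check that applies the uid arithmetic from the reply above (65540 = 65536 * 1 + 4) to the FATAL message and compares the result with the file owner and the account UIC shown in the posts. The function names are hypothetical; the sample text is copied from the thread, and UIC numbers are read and printed as octal, as DCL displays them.

```python
import re

# Sample text copied from the posts in this thread (terminal wrapped at 80 columns).
FATAL = """$1$dka0:[sys0.syscommon.][sysexe]tcpip$ssh_ssh-keygen2.exe: FATAL: ssh_userfile_
open: using non-current uid but not initialized (uid=65540, path=/sys$sysdevice/
cgi/mikew/ssh2/random_seed.)"""
DIR_FULL = "RANDOM_SEED.;1 File ID: (25500,174,0)\nSize: 0/0 Owner: [1,4]"
UAF = "Username: MIKEW Owner: SYSTEM MANAGER\nAccount: SYSTEM UIC: [3,2] ([SYSTEM])"

def unwrap(text):
    """Undo terminal line wrapping so tokens split across lines match again."""
    return "".join(text.splitlines())

def uid_to_uic(uid):
    """Split a 32-bit uid into (group, member): uid = 65536 * group + member."""
    return uid >> 16, uid & 0xFFFF

def parse_uic(text, label):
    """Return (group, member) from the numeric UIC that follows `label`."""
    m = re.search(re.escape(label) + r"\s*\[([0-7]+),([0-7]+)\]", text)
    if not m:
        raise ValueError(f"no numeric UIC after {label!r}")
    return int(m.group(1), 8), int(m.group(2), 8)

def fmt(uic):
    return "[{:o},{:o}]".format(*uic)

def diagnose(fatal, dir_full, uaf):
    flat = unwrap(fatal)
    uid = re.search(r"uid=(\d+)", flat)
    path = re.search(r"path=([^)]+)\)", flat)
    if not uid or not path:
        raise ValueError("message does not carry uid= and path=")
    reported = uid_to_uic(int(uid.group(1)))
    owner = parse_uic(dir_full, "Owner:")
    account = parse_uic(uaf, "UIC:")
    return {
        "path": path.group(1),
        "reported": fmt(reported),
        "file_owner": fmt(owner),
        "account": fmt(account),
        "reported_is_file_owner": reported == owner,
        "reported_is_account": reported == account,
    }

if __name__ == "__main__":
    for key, value in diagnose(FATAL, DIR_FULL, UAF).items():
        print(f"{key}: {value}")
```
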