HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Operating System - OpenVMS
cancel
Showing results for 
Search instead for 
Did you mean: 

SSH remote port setup.

 
TimF
Occasional Visitor

SSH remote port setup.

Trying to setup a port for SSH file transfers. The remote server (sending system) is SUN Solaris server runing in SSH1 compatabilty mode.

I realize I may have to change the ssh2_config file for SSH1 compatability and the possibly the port number.
I'd appreciate information on that as well.

The remote node has an host entry in tcpip/services.
SSH Server and client are started.
When I enter the following I am prompted for a password. (Note: I have an id on the solaris box. please advise if I need to enter this command any differently.)

ssh -"R" 2001:localhost:5500 remotehost

Running VMS 7.3-2. TCPIP 5.4 (no ecos)
(I cannot patch until a date in the near future.)

5 REPLIES
Steven Schweda
Honored Contributor

Re: SSH remote port setup.

I'm no expert on this stuff, but what's the
purpose of that command?

"SSH file transfers" how?

Can you do a simple "ssh" between these hosts?

> I am prompted for a password.

So? What happens when you supply one?
TimF
Occasional Visitor

Re: SSH remote port setup.

RE: I'm no expert on this stuff, but what's thepurpose of that command?

"SSH file transfers" how
Neither am I that is why I asked the question

RE: "Can you do a simple "ssh" between these hosts?"


RE:> "I am prompted for a password.

So? What happens when you supply one?"

I don't have an account. So, supply a password is futile.



Steven Schweda
Honored Contributor

Re: SSH remote port setup.

> Note: I have an id on the solaris box.

> I don't have an account.

Eh?

"scp -help" and "sftp -help" provide some
info on some file transfer programs.

I'd work on getting a simple "ssh" log-in to
work before I started worrying about anything
else.

alp $ tcpip show version

HP TCP/IP Services for OpenVMS Alpha Version V5.4 - ECO 5
on a COMPAQ Professional Workstation XP1000 running OpenVMS V7.3-2
Steven Schweda
Honored Contributor

Re: SSH remote port setup.

Incidentally, I did manage to bumble into a
working public-key configuration which allows
me to use "ssh" (and friends) between a VMS
system and a Solaris system. To wit:

alp $ ssh ung
Authentication successful.
Last login: Thu Feb 2 05:11:48 2006 from alp
Sun Microsystems Inc. SunOS 5.9 Generic May 2002

ung% uname -a
SunOS ung 5.9 Generic_118558-17 sun4u sparc SUNW,Ultra-1

ung% ssh -V
SSH Version Sun_SSH_1.0.1, protocol versions 1.5/2.0.

ung% ssh alp
@ SYS$MANAGER:ANNOUNCE.TXT [Bug-free. Not.]
[...]

alp $ ssh "-V"
alp$dka0:[sys0.syscommon.][sysexe]tcpip$ssh_ssh2.exe: SSH Secure Shell OpenVMS (
V5.5) 3.2.0 on COMPAQ Professional Workstation - VMS V7.3-2

[...]

alp $ lo
Connection to alp closed. at 2-FEB-2006 05:20:47.33
ung% lo

Connection to ung closed.


alp $ scp notes.txt ung:ssh_notes.txt
notes.txt | 8.5kB | 8.5 kB/s | TOC: 00:00:01 | 100%


Thus, it is possible to get this stuff to
work, more or less, give or take.
Don Nutt
Advisor

Re: SSH remote port setup.

Tim,

Steven has got it, the way to to do port forwarding automatically (thru DCL/bash) is to generate a pair of shared keys. Insure that you use the switches that force SSH1 keys (updating to ssh2 or openssh would be alot better). However I know the issues in getting time to apply patches.

The one thing I see that you and Steven show is the assumption that the login name is exactly the same on both the Sun and VMS, if it isn't make sure you use the uname@host.

I personally use a file with my localhost:remotehost configuration. It facilitates bringing back a number of ports to from one environment to another thru a firewall(s).

Don

Here is an example of my forwarding list (full version attached):

RemoteForward 10100:localhost:23
RemoteForward 10101:localhost:3130
RemoteForward 10102:localhost:102
RemoteForward 10103:localhost:399
RemoteForward ftp/10104:localhost:21
RemoteForward 10105:localhost:512
RemoteForward 10106:localhost:3131
RemoteForward 10107:localhost:3135
RemoteForward 10108:localhost:4994
RemoteForward 10109:localhost:4998
RemoteForward 10130:server3:23
RemoteForward 10131:server3:3130
RemoteForward 10132:server3:102
RemoteForward 10133:server3:399
RemoteForward ftp/10134:server3:21


This one actually goes to a Tru64 box with a iptables and implementing virtual ip's and port rules to map the ports back where they belong so that the local users have no real idea whats going on and I get to manage the servers as if I was on that side of 2 firewalls. We keep the tunnel.cfg on the remote side server and scp the file down and then invoke the config.

ssh -F tunnel.cfg username@server

Good Luck, there are alot of good guys out here to help you if you get into jam....

I read more than I answer, thanks to everyone.

Don