- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- SSH2 on VMS
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2010 08:24 AM
тАО02-17-2010 08:24 AM
SSH2 on VMS
We have an Alpha DS20E running VMS 7.3-2.
Trying to connect to a UNIX server with publice key encryption.
some system details below....
DAVE$ set def dkb0:[sys0.sysmgr.ssh2]
DAVE$ ssh2 "-V"
dave$dkb0:[sys0.syscommon.][sysexe]tcpip$ssh_ssh2.exe: SSH Secure Shell OpenVMS
(V5.5) 3.2.0 on COMPAQ AlphaServer DS20E 666 MHz - VMS V7.3-2
steps taken so far
1.produced the 2 keys with.......
DAVE$ run DAVE$DKB0:[VMS$COMMON.SYSEXE]TCPIP$SSH_SSH-KEYGEN2.EXE
Generating 2048-bit dsa key pair
7 o.oOo.oOo.oO
Key generated.
2048-bit dsa, system@DAVE.HBEU_AD, Wed Feb 17 2010 16:14:56
Passphrase :
Again :
Key is stored with NULL passphrase.
(You can ignore the following warning if you are generating hostkeys.)
This is not recommended.
Don't do this unless you know what you're doing.
If file system protections fail (someone can access the keyfile),
or if the super-user is malicious, your key can be used without
the deciphering effort.
Private key saved to ssh2/id_dsa_2048_b
Public key saved to ssh2/id_dsa_2048_b.pub
2.
created a file called IDENTIFICATION in my SSH" subdirectory with the following line in it
idkey id_dsa_1024_a
created a file called AUTHORIZATION in my SSH" subdirectory with the following line in it
idkey id_dsa_1024_a.pub
3.emailed the .pub key to the administrator of the UNIX box - he set things up at his end - he has assured me
The connection didnt work so I suggested he tried a conversion of the UNIX file with
ssh-keygen -i -f id_dsa_1024_a.pub >> authorized_keys2
still not working get I this................
$ ssh2 ftpjcqt@host
warning: Could not read public key file /SYS$SYSROOT/sysmgr/ssh2/id_dsa_1024
ftpjcqt's password:
no password setup for ftpjcqt so fails.
any help please
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2010 08:40 AM
тАО02-17-2010 08:40 AM
Re: SSH2 on VMS
(1)
Public key saved to ssh2/id_dsa_2048_b.pub
but
idkey id_dsa_1024_a
ssh searching for the wrong key ?
(2)
If (1) is not the answer, there could be a problem with the sys$manager directory search list:
apparently You created the key under the SYSTEM login:
is the key created in sys$common:[sysmgr.ssh2] ?
If yes, copy it to sys$sysroot:[sysmgr.ssh2],
or better use a different account, which has no search list home directory.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2010 08:47 AM
тАО02-17-2010 08:47 AM
Re: SSH2 on VMS
my apologies
ive tried copying to the other directory either as you suggested no difference
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2010 09:08 AM
тАО02-17-2010 09:08 AM
Re: SSH2 on VMS
replaced all IP's with "host"
.............................
DAVE$ ssh2 "-v"cqt@128.11.56.61
dave$dkb0:[sys0.syscommon.][sysexe]tcpip$ssh_ssh2.exe: FATAL: Cipher qt@128.11.5
6.61 is not supported.
%TCPIP-F-SSH_FATAL, non-specific fatal error condition
DAVE$ ssh2 "-v" ftpjcqt@host
debug: Ssh2/SSH2.C:1906: CRTL version (SYS$SHARE:DECC$SHR.EXE ident) is V7.3-2-0
0
debug: SshAppCommon/SSHAPPCOMMON.C:322: Allocating global SshRegex context.
debug: SshConfig/SSHCONFIG.C:3332: Metaconfig parsing stopped at line 4.
debug: SshConfig/SSHCONFIG.C:861: Setting variable 'VerboseMode' to 'FALSE'.
debug: SshConfig/SSHCONFIG.C:3240: Unable to open ssh2/ssh2_config
debug: Connecting to host, port 22... (SOCKS not used)
debug: Ssh2/SSH2.C:2872: Entering event loop.
debug: Ssh2Client/SSHCLIENT.C:1608: Creating transport protocol.
debug: SshAuthMethodClient/SSHAUTHMETHODC.C:101: Added "hostbased" to usable met
hods.
debug: SshAuthMethodClient/SSHAUTHMETHODC.C:101: Added "publickey" to usable met
hods.
debug: SshAuthMethodClient/SSHAUTHMETHODC.C:101: Added "password" to usable meth
ods.
debug: Ssh2Client/SSHCLIENT.C:1649: Creating userauth protocol.
debug: client supports 3 auth methods: 'hostbased,publickey,password'
debug: SshUnixTcp/SSHUNIXTCP.C:1378: using local hostname DAVE.HBEU_AD
debug: Ssh2Common/SSHCOMMON.C:546: local ip = host, local port = 50095
debug: Ssh2Common/SSHCOMMON.C:548: remote ip = host, remote port = 22
debug: SshConnection/SSHCONN.C:2290: Wrapping...
debug: SshReadLine/SSHREADLINE.C:3670: Initializing ReadLine...
debug: Remote version: SSH-2.0-OpenSSH_4.2
debug: OpenSSH: Major: 4 Minor: 2 Revision: 0
debug: Ssh2Transport/TRCOMMON.C:1828: All versions of OpenSSH handle kex guesses
incorrectly.
debug: Ssh2Transport/TRCOMMON.C:2268: lang s to c: `', lang c to s: `'
debug: Ssh2Transport/TRCOMMON.C:2333: c_to_s: cipher aes128-cbc, mac hmac-sha1,
compression none
debug: Ssh2Transport/TRCOMMON.C:2336: s_to_c: cipher aes128-cbc, mac hmac-sha1,
compression none
debug: Remote host key found from database.
debug: Ssh2Common/SSHCOMMON.C:347: Received SSH_CROSS_STARTUP packet from connec
tion protocol.
debug: Ssh2Common/SSHCOMMON.C:397: Received SSH_CROSS_ALGORITHMS packet from con
nection protocol.
debug: server offers auth methods 'publickey,password,keyboard-interactive'.
debug: Ssh2AuthPubKeyClient/AUTHC-PUBKEY.C:1682: adding keyfile "/SYS$SYSROOT/sy
smgr/ssh2/GMS_id_dsa_2048_b" to candidates
debug: server offers auth methods 'publickey,password,keyboard-interactive'.
debug: Ssh2AuthClient/SSHAUTHC.C:377: Method 'publickey' disabled.
debug: server offers auth methods 'publickey,password,keyboard-interactive'.
ftpjcqt's password: dClient/AUTHC-PASSWD.C:250: Starting password query...
...................................
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2010 11:35 AM
тАО02-17-2010 11:35 AM
Re: SSH2 on VMS
Perhaps a good idea, depending on the
(unidentified) software on the other end.
> ssh-keygen -i -f id_dsa_1024_a.pub >> authorized_keys2
Which left what, exactly, in
"authorized_keys2"? (And is that the file
where the SSH server there will be looking?
Not plain "authorized_keys"? And in which
directory? "ls -lA"?)
What is this "the UNIX box", and what's the
SSH software there?
> debug: Ssh2AuthPubKeyClient/AUTHC-PUBKEY.C:1682: adding keyfile "/SYS$SYSROOT/sy
> smgr/ssh2/GMS_id_dsa_2048_b" to candidates
> debug: server offers auth methods 'publickey,password,keyboard-interactive'.
> debug: Ssh2AuthClient/SSHAUTHC.C:377: Method 'publickey' disabled.
Apparently the remote server hates your
public key data. And who, by the way, is
this "GMS_id_dsa_2048_b" key file?
> 2.
> created a file called IDENTIFICATION in my SSH" subdirectory with the following line in it
You seem to be the only one who believes
this. And what's an 'SSH"' subdirectory?
As usual, it might help if you showed some
actual evidence instead of mere assertions of
"facts". For example:
ALP $ set default sys$login
ALP $ type [.ssh2]identification.
IdKey SYSTEM_NPP_ID_DSA_1024_A
ALP $
Now we _know_ what's in _my_
"~/ssh2/identification" file. We have only
your word for what's in yours. And your SSH
client seems to disagree with you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2010 01:28 PM
тАО02-17-2010 01:28 PM
Re: SSH2 on VMS
The VMS, being the client, needs the key registered in [.ssh2]identification.
$ typ [.ssh2]IDENTIFICATION.
IdKey ID_DSA_2048_A
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2010 02:45 PM
тАО02-17-2010 02:45 PM
Re: SSH2 on VMS
You will probably have to play with the format and attributes of the key files on one or both systems.
Generate dummy keys on both source and destination systems. Compare the text files and try to reconcile any differences. Key files are "just text", but different systems seem to want them in slightly different formats.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2010 08:05 PM
тАО02-17-2010 08:05 PM
Re: SSH2 on VMS
> public key data. [...]
And, of course, there may be other
interesting stuff in the system logs on "the
UNIX box", especially if the key file format
there is defective.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-18-2010 12:27 AM
тАО02-18-2010 12:27 AM
Re: SSH2 on VMS
DAVE$ set default sys$login
DAVE$ type [.ssh2]identification.
idkey GMS_id_dsa_2048_b
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-18-2010 12:29 AM
тАО02-18-2010 12:29 AM