Operating System - OpenVMS
cancel
Showing results for 
Search instead for 
Did you mean: 

sftp on openvms

 
Bill Stewart_4
Occasional Visitor

sftp on openvms

Could someone please post an example of using sftp in batch mode on openvms.

we are running
HP TCP/IP Services for OpenVMS Alpha Version V5.4 - ECO 5
on a AlphaServer 1200 5/400 4MB running OpenVMS V7.3-2
28 REPLIES 28
Arch_Muthiah
Honored Contributor

Re: sftp on openvms

Bill,

try this...

$ sftp -bbatch_file username@host

try this also
$sftp -bbatch_file 'usrname':'psswrd'@'node'

Archunan
Regards
Archie
Arch_Muthiah
Honored Contributor

Re: sftp on openvms

Bill,

this is SFTP cmnd Synopsis, you can give the necessary options if you know.

$ SFTP [-D ] [-b batchfile] [-S path][-h][-v] [-P ssh-port] user@host

-D debug-level Displays debug information. The debug-level value is a number between 0
and 99

-b batchfile Reads commands from a file instead of from SYS$INPUT.

-S ssh-path Specifies an alternate location for the SSH server executable file.

-h Displays information about how to use the SFTP utility.

-V Displays the version of SSH.

-P Tells SFTP on which port the SSH server is listening.
Regards
Archie
Richard Whalen
Honored Contributor

Re: sftp on openvms

You will probably have to set up public key or host based authentication for batch mode to work.
Volker Halle
Honored Contributor

Re: sftp on openvms

Bill,

using SFTP from batch mode requires more than just knowing how to specify the options for the SFTP command...

I've found the following manual to best provide the necessary pieces of information:

http://h71000.www7.hp.com/openvms/products/ssh/ssh.pdf

I've followed the different chapters in this manual and have successfully set up the environment to run SFTP from a DCL procedure interactively (no prompt for password) with using user-based public key authentication.

For BATCH mode, host based authentication seems to be necessary, as you can't run an SSH_AGENT in batch mode. The SSH_AGENT is required to ask for and store the passphrase for the user's key file(s).

Once I'll get this running, I'll provide and describe the necessary steps (for TCPIP V5.5). There's a long weekend ahead, isn't it ;-)

Volker.
Volker Halle
Honored Contributor

Re: sftp on openvms

Bill,

it works well with TCPIP V5.5. I've done the setup based on the 'HP TCP/IP Services for OpenVMS Guide to SSH (TCPIP V5.4)' manual referenced above.

Here are my notes from the setup and an example BATCH procedure and logfile:


Setting up HOSTBASED Authentication
===================================

On SSH Client:

in TCPIP$SSH_DEVICE:[TCPIP$SSH.ssh2]SSH2_CONFIG.

DefaultDomain domain.name ! make sure to enter full domain name of local node


On SSH Server:

TCPIP$SSH_DEVICE:SSHD2_CONFIG.

AllowedAuthentications hostbased, publickey, password


TCPIP$SSH_DEVICE:SHOSTS.EQUIV

fully-qualified-client-IP-name username

NOTE: use lowercase username for OpenVMS clients


Copy from SSH Client

TCPIP$SSH_DEVICE:[TCPIP$SSH.ssh2]hostkey.pub

to SSH Server

TCPIP$SSH_DEVICE:[TCPIP$SSH.ssh2.KNOWNHOSTS]fully_qualified_client_SSH-DSS.PUB

e.g. NODE_DOMAIN_NAME_SSH-DSS.PUB (for client node node.domain.name)


Using SFTP from BATCH mode
==========================

Use TCPIP V5.4 ECO 5 or TCPIP V5.5


$ sftp "-B" "/userdisk1/halle/itrc/bf.ftp" hostname


Batchfile USERDISK1:[HALLE.ITRC]BF.FTP:

ls login.com[lf]
cd [.itrc][lf]
get x.x[lf]

NOTE: [lf] = each line needs to be terminated by [LF] character = ASCII 10.
In TPU: [GOLD]10[GOLD][SPEC INS]
or the file needs to be converted to STREAMLF record format

NOTE: Files to be copied etc. by SFTP need to be in STREAMLF format:
$ set file/attr=rfm:stmlf x.x


Batch logfile:

$ sftp "-B" "/userdisk1/halle/itrc/bf.ftp" hostname
sftp> ls login.com
login.com

/userdisk1/halle/itrc

x.x | 0 kB | 0.0 kB/s | TOC: 00:00:01 | 100%


Merry Christmas and a Happy New Year,

Volker.
Volker Halle
Honored Contributor

Re: sftp on openvms

Correction:

...

On SSH Server:

TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]SSHD2_CONFIG.

AllowedAuthentications hostbased, publickey, password


TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]SHOSTS.EQUIV

fully-qualified-client-IP-name username

NOTE: use lowercase username for OpenVMS clients

...

Volker.

Re: sftp on openvms

Hi All,

I need to connect to an IP through SFTP from VMS. I have the user name password and the IP. I need to find out whether the file is present or not.
I tried like this

sftp user_name@host password

But it throwed the below error:
Too many arguments.
Usage: sftp2 [-D debug_level_spec] [-B batchfile] [-S path] [-h]
[-V] [-P port] [-b buffer_size]
[-4] [-6] "[-C]" [-o option_to_ssh2]
[user@]host[#port]


Please Help me out.
Joseph Huber_1
Honored Contributor

Re: sftp on openvms

The clear text error tells You "Too many arguments".
There is no such argument "password" on the sftp command-line, only user@host.
When sftp starts, it will prompt for the password , unless You have a public key established.
http://www.mpp.mpg.de/~huber

Re: sftp on openvms

Hi,

When i try sftp user@host it is throwing the below error:

Usage: /sys$system/tcpip$ssh_ssh2 [POSIX or GNU style options] -f progfile [--] file ...
/sys$system/tcpip$ssh_ssh2 [POSIX or GNU style options] [--] "program" file ...
POSIX options: GNU long options:
-f progfile --file=progfile
-F fs --field-separator=fs
-v var=val --assign=var=val
-m[fr]=val
-W compat --compat
-W copyleft --copyleft
-W copyright --copyright
-W help --help
-W lint --lint
-W posix --posix
-W source=program-text --source=program-text
-W usage --usage
Warning: child process (/sys$system/tcpip$ssh_ssh2) exited with code 44.


%TCPIP-E-SSH_FC_ERROR, error in ssh file transfer operation
Joseph Huber_1
Honored Contributor

Re: sftp on openvms

>>
When i try sftp user@host it is throwing the below error:
Usage: /sys$system/tcpip$ssh_ssh2 [POSIX or GNU style options] -f progfile [--] file ...
<<

The "usage" response shows again some syntax error/wrong arguments.
Would You show us what You REALLY type as the command?
Also version of system and TCPIP software:
TCPIP SHOW VERSION
sftp -v
show symbol sftp
show process /parse_style
http://www.mpp.mpg.de/~huber

Re: sftp on openvms

I types the below:


$sftp ezps@69.94.86.93
Usage: /sys$system/tcpip$ssh_ssh2 [POSIX or GNU style options] -f progfile [--] file ...
/sys$system/tcpip$ssh_ssh2 [POSIX or GNU style options] [--] "program" file ...
POSIX options: GNU long options:
-f progfile --file=progfile
-F fs --field-separator=fs
-v var=val --assign=var=val
-m[fr]=val
-W compat --compat
-W copyleft --copyleft
-W copyright --copyright
-W help --help
-W lint --lint
-W posix --posix
-W source=program-text --source=program-text
-W usage --usage
Warning: child process (/sys$system/tcpip$ssh_ssh2) exited with code 44.


%TCPIP-E-SSH_FC_ERROR, error in ssh file transfer operation

*****************************************

$TCPIP SHOW VERSION

HP TCP/IP Services for OpenVMS Alpha Version V5.6 - ECO 3
on an AlphaServer GS320 6/1224 running OpenVMS V8.3

$
$sftp -v
Sftp2/SFTP2.C:5183: CRTL version (SYS$SHARE:DECC$SHARE ident) is: V8.3-01

SshFileCopy/SSHFILECOPY.C:1354: Making local connection.
Ssh2SftpServer/SSHFILEXFERS.C:2120: Received SSH_FXP_INIT
Ssh2SftpServer/SSHFILEXFERS.C:2165: version is 999
Ssh2SftpServer/SSHFILEXFERS.C:2227: Sending SSH_FXP_VERSION with sftp-version@openvms.hp.com as 3
SshFileXferClient/SSHFILEXFERC.C:1432: ssh_file_client_receive_proc: coming in with extension data, OpenVMS host
SshFileXferClient/SSHFILEXFERC.C:1478: vms_plus_sftp_version = 3
SshFileCopy/SSHFILECOPY.C:1293: Connection to local, ready to serve requests.
Sftp2/SFTP2.C:822: Connection ready.
SshReadLine/SSHREADLINE.C:3662: Initializing ReadLine...
sftp>
sftp>
sftp> exit
SshReadLine/SSHREADLINE.C:3728: Uninitializing ReadLine...


$
Joseph Huber_1
Honored Contributor

Re: sftp on openvms

Although my version is older, it gets a "usage" response only if the command-line is really wrong.
And in Your case it gets an error as soon as You have a user@host argument.
My suspicion still is: You have a DCL symbol "sftp" defined,
what does "SHOW SYMBOL SFTP" return ?
http://www.mpp.mpg.de/~huber

Re: sftp on openvms

$SHOW SYMBOL SFTP
%DCL-W-UNDSYM, undefined symbol - check validity and spelling
Steven Schweda
Honored Contributor

Re: sftp on openvms

> I need to connect to an IP through SFTP
> from VMS.[...]

1. If you have your own question, then start
your own thread. Don't wake some old, dead,
unrelated thread.

> HP TCP/IP Services for OpenVMS Alpha Version V5.6 - ECO 3
> on an AlphaServer GS320 6/1224 running OpenVMS V8.3

2. Around here:

alp $ tcpip show vers

HP TCP/IP Services for OpenVMS Alpha Version V5.6 - ECO 5
on a COMPAQ Professional Workstation XP1000 running OpenVMS V8.3

alp $ sftp "-V"
alp$dka0:[sys0.syscommon.][sysexe]tcpip$ssh_sftp2.exe: SSH Secure Shell OpenVMS
(V5.5) 3.2.0 on COMPAQ Professional Workstation - VMS V8.3

alp $ sftp sms@alp-l

@ SYS$MANAGER:ANNOUNCE.TXT
sftp> pwd
ALP$DKA0:[SMS]
sftp> quit


alp $ sftp sms@10.0.0.9

@ SYS$MANAGER:ANNOUNCE.TXT
sftp> pwd
ALP$DKA0:[SMS]
sftp> quit


alp $ sftp -v fred fred
Too many arguments.
Usage: sftp2 [-D debug_level_spec] [-B batchfile] [-S path] [-h]
[-V] [-P port] [-b buffer_size]
[-4] [-6] "[-C]" [-o option_to_ssh2]
[user@]host[#port]


Have you tried installing a newer TCPIP ECO?
Joseph Huber_1
Honored Contributor

Re: sftp on openvms

Well mine seems to behave much different,
especially to automatically connect to the local host if asking the version in
sftp -v , which actually is "sftp -V".
Hope somebody with the combination VMS8.3/TCPIP 5.6 can reproduce something like that.

Meanwhile use debugging/verify:

sftp -"v" user@host !observe the string quotes!

to see more disgnostic revealing the point at which the error occurs.
http://www.mpp.mpg.de/~huber
Hoff
Honored Contributor

Re: sftp on openvms

CHANDRASEKARAN S:

In no particular order...

Ensure that the ssh client and ssh server are appropriately started via TCPIP$CONFIG.COM

Failure to start the appropriate client and server components has an unfortunate and long history of tossing obscure errors.

Patch to current; V5.6 ECO 2 is old.

Ensure the process quotas and process environment are sufficient. Details on minimum quotas should be in the manual, and you'll likely need TMPMBX and NETMBX minimally.

Test connections into the target server from another box. See if this is local or a server error.

Remove any DECC* logical names that might be around in the process or job context. Sufficiently odd settings for these can trigger errors in most any C application.

And I'm seeing completely different "usage" diagnostics with V5.6 ECO 5, so definitely roll forward to ECO 5.
Steven Schweda
Honored Contributor

Re: sftp on openvms

> sftp -"v" user@host !observe the string quotes!

Quoting "-v" is not required. Quoting "-V"
probably _is_ required. (As shown above.)
Joseph Huber_1
Honored Contributor

Re: sftp on openvms

>> Quoting "-v" is not required. Quoting "-V"
probably _is_ required.

So I keep quiet. Seems there are so many changes between TCPIP 5.4 and 5.6.
On my 5.4 sftp is a DCL verb, and both unquoted -V and -v result in "show version".
Only -"v" results in the desired "verbose".
http://www.mpp.mpg.de/~huber
The Brit
Honored Contributor

Re: sftp on openvms

It would be nice to see the output from

$ sftp "-V"

Dave
Steven Schweda
Honored Contributor

Re: sftp on openvms

> [...] Only -"v" results in the desired
> "verbose".

Really? Around here, only "-V" gives the
desired version report, even on my older
system:

alp2 $ tcpip show version

HP TCP/IP Services for OpenVMS Alpha Version V5.4 - ECO 7
on a COMPAQ Professional Workstation XP1000 running OpenVMS V7.3-2

alp2 $ sftp "-V"
alp2$dkb300:[sysa.syscommon.][sysexe]tcpip$ssh_sftp2.exe;1: SSH Secure Shell OpenVMS (V5.5) 3.2.0 on COMPAQ Professional Workstation - VMS V7.3-2

alp2 $ sftp "-v"
Sftp2/SFTP2.C:4804: CRTL version (SYS$SHARE:DECC$SHARE ident) is: V7.3-2-03

SshFileCopy/SSHFILECOPY.C:1062: Making local connection.
Ssh2SftpServer/SSHFILEXFERS.C:2079: Received SSH_FXP_INIT
Ssh2SftpServer/SSHFILEXFERS.C:2124: version is 3
SshFileCopy/SSHFILECOPY.C:1001: Connection to local, ready to serve requests.
Sftp2/SFTP2.C:786: Connection ready.
SshReadLine/SSHREADLINE.C:3662: Initializing ReadLine...
sftp> quit
SshReadLine/SSHREADLINE.C:3728: Uninitializing ReadLine...


alp2 $ sftp -V
Sftp2/SFTP2.C:4804: CRTL version (SYS$SHARE:DECC$SHARE ident) is: V7.3-2-03

SshFileCopy/SSHFILECOPY.C:1062: Making local connection.
[...]

alp2 $ sftp -v
Sftp2/SFTP2.C:4804: CRTL version (SYS$SHARE:DECC$SHARE ident) is: V7.3-2-03

SshFileCopy/SSHFILECOPY.C:1062: Making local connection.
[...]

But my C run-time environment is clean:

alp2 $ show logical decc$*

(LNM$PROCESS_TABLE)

(LNM$JOB_81811000)

(LNM$GROUP_000050)

(LNM$SYSTEM_TABLE)

"DECC$CRTLMAP" = "SYS$SHARE:DECC$SHR_EV56"
"DECC$SHR" = "SYS$SHARE:DECC$SHR_EV56"

(LNM$SYSCLUSTER_TABLE)

(DECW$LOGICAL_NAMES)
alp2 $

> Remove any DECC* logical names that might
> be around in the process or job context.
> Sufficiently odd settings for these can
> trigger errors in most any C application.

Generally good advice.
Joseph Huber_1
Honored Contributor

Re: sftp on openvms

> Remove any DECC* logical names that might
> be around in the process or job context.
>Generally good advice.

And no, I WANT DECC$UNIX_LEVEL 30 to make all utils ported from U*x work.

It is the combination of SFTP DCL command-verb definition and DECC features, which defeats argv parsing.
I delete the sftp verb, and define sftp as an external command (sftp := $tcpip$ssh_sftp2) and can use the command as used on any other system without quoting anything.

Anyway for CHANDRASEKARANs question we need the verbose mode (either -v or -"v") to see where the error occurs.



http://www.mpp.mpg.de/~huber
Hoff
Honored Contributor

Re: sftp on openvms

>It is the combination of SFTP DCL command-verb definition and DECC features, which defeats argv parsing.

Arguably, it is the non-modular and non-reentrant and moving-target "design" of the DECC$* logical name scheme.

This design is problematic now, it was problematic when originally designed, and it's increasingly problematic as the settings and the requirements continue to propagate and diverge and entrench and evolve. This stuff is (also) a dynamic environment as the RTLs are upgraded via ECO or via OpenVMS upgrades, or as the running settings are changed or as conflict arise as "other" stuff gets installed.

I'm now often adding the decc$feature_show_all() DEC C feature display call into the application signal handlers, so I can catch and display the current settings, and I'm starting to add logic in non-trivial applications to override the environmental settings; to suppress the logical names.
Joseph Huber_1
Honored Contributor

Re: sftp on openvms

Hoff,
Yes, I agree.
In the case of ssh and sftp, it would be perfect to handle decc$ features inside the programs, but what it does simply makes it more confusing:
both have a CLD verb definition of

parameter P1 value (type=$rest_of_line)

i.e. DCL first converts everything not quoted to uppercase.
Then depending on DECC feature logicals one has to quote either the lower case options or the upper case ones.

In either case, a user can't use the syntax it is used from other systems.
A user working only in VMS might get used to use quotes, I don't, I work on a Linux desktop with terminal windows in VMS.

It is a matter of taste of course.
If I delete the useless ssh and sftp DCL verbs, replacing them by foreign command definitions, then with my usual DECC$UNIX_LEVEL 30 (or just DECC$ARGV_PARSE_STYLE ENABLE), I can use identical Linux and DCL commands.

I could live with ssh and sftp as is (usually I log into VMS, not from VMS into somewhere), but there are so many other GNU/Linux utilities ported without VMS command-line support, I don't remember the right quoting every time.
http://www.mpp.mpg.de/~huber
Steven Schweda
Honored Contributor

Re: sftp on openvms

> And no, I WANT DECC$UNIX_LEVEL 30 to make
> all utils ported from U*x work.

That's one way. When I port a C program, I
normally add a LIB$INITIALIZE function to
set these things the way I want them. Then,
with Parse Style: Extended, I don't need to
think about them (until I go back to a VAX).
Why HP doesn't do the same thing with its own
products is a mystery to me.

Now, if someone would provide the cookbook to
show me how to do the same thing for a C++
program which hhijacks LIB$INITIALIZE for its
own purposes, ...