Operating System - OpenVMS
1747999 Members
4812 Online
108756 Solutions
New Discussion юеВ

Re: ssh/sftp between VMS and linux without password?

 
Randy Nelson_2
Occasional Advisor

ssh/sftp between VMS and linux without password?

Hi,

I'm trying to get ssh/sftp working between VMS and linux without needing a password. I'm not having any luck yet... It works fine VMS2VMS and linux2linux, but not between VMS and linux. I've tried converting the keys and following the directions in a couple of articles...but I always get prompted for the password. This is VMS alpha 8.2/tcpip 5.5 eco1, and RedHat Linux EL PW update 2. All recent stuff... Has anyone actually done this?

-Randy
9 REPLIES 9
Steven Schweda
Honored Contributor

Re: ssh/sftp between VMS and linux without password?

"Between" in which direction?

Not Linux, but VMS to Solaris:

alp $ tcpip show version

HP TCP/IP Services for OpenVMS Alpha Version V5.4 - ECO 5
on a COMPAQ Professional Workstation XP1000 running OpenVMS V7.3-2

alp $ ssh ung
Authentication successful.
Last login: Tue Nov 29 08:22:12 2005 from alp
Sun Microsystems Inc. SunOS 5.9 Generic May 2002
DISPLAY = "alp:0.0".
ung% uname -a
SunOS ung 5.9 Generic_118558-17 sun4u sparc SUNW,Ultra-1
ung% lo

Connection to ung closed.
[Extra needed here.]
alp $

Of course, I set this up a while ago, and
have no idea if I did anything exotic to get
to this point. And I never go the other way,
so I don't know if that works.

~sms/.ssh/authorized_keys on "ung" has fully
qualified names ("sms@alp.antinode.org").

There should be some hint-filled log files
somewhere.
Arch_Muthiah
Honored Contributor

Re: ssh/sftp between VMS and linux without password?

Randy,

Try in batch mode. because SSH in VMS stores UN and PWD in a text file. Some of the SSH comes with emulator, requires UN/PWD in the interactive mode.

But process software's SSH for OpenVMS (if you have), You can run normal VMS batch job containing the SCP commands in SSH batch mode to copy the files.

$ ssh -t -o "BatchMode yes" username@10.1.2.57 "ComProcedure parameter"

Archunan
Regards
Archie
Richard Whalen
Honored Contributor

Re: ssh/sftp between VMS and linux without password?

Have you tried your SSH command with -v ?
This will put it in verbose mode and give you debugging messages about what is being done. You want to see if it is attempting public key authentication. If it attempts public key authentication and reports a failure status, then you made an error when you transferred the public key from the VMS system to the Linux system.
john Dite
Frequent Advisor

Re: ssh/sftp between VMS and linux without password?

I've done SSH mit publickey Authentication between Linux SUSE 9.1 and OpenVMS V7.3-2. TCPIP V5.4-ECO5 The thing I didn't realize initally was the need to convert the keys as the formats aren't the same on the two systems. But from what you wrote you seem to have overcome this hurdle. Then I would basically ensure that my Linux server (?) config file was adapted to write log messages and then using -vv qualifier on the client side get a debug log of what is happening.

Maybe you can post the results as an attachment, if you're still having problems.

I assume you have set the Linux SSH parameter
PreferredAuthentications publickey,password
accordingly.

-john
Daniel Fernandez Illan
Trusted Contributor

Re: ssh/sftp between VMS and linux without password?

Randy
With my configuration:

HP TCP/IP Services for OpenVMS Alpha Version V5.4 - ECO 5
on a AlphaServer GS160 6/731 running OpenVMS V7.3-2

I am using this command:
$set noon
$sftp -"B" - user@remote_node
cd /test
get test.dat
exit
$exit

and works fine in INTERACTIVE, BATCH and DETACH modes.

Saludos.
Daniel.

Fred Sittler
New Member

Re: ssh/sftp between VMS and linux without password?

Did you ever find out how to do this? I can't get it to work!!!!!
Steven Schweda
Honored Contributor

Re: ssh/sftp between VMS and linux without password?

Fred Sittler:

Unless your situation is identical to that of
the original complainer here, it would make
more sense to start a new thread, perhaps
including a reference to this one.

And, referring to this one:

> Have you tried your SSH command with -v ?

As usual, it might help to have version info,
actual commands used, actual responses to
those commands, and so on. A description
like "can't get it to work" is not likely to
lead anywhere by itself.
Randy Nelson_2
Occasional Advisor

Re: ssh/sftp between VMS and linux without password?

Hi again...

I'm the "original complainer"? COMPLAINER?

Well, I never... :-)

SSH and sftp without passwords.

Tested with VMS 8.2 with tcpip 5.5 eco1 and RedHat EL WS 4 update 2.

Scenario ONE. Linux to VMS with no password

1. On the linux box

a. ssh-keygen -e -f /home/nelsonr/.ssh/id_dsa.pub > linuxnode.fullhost.pub
b. ftp to VMS
c. set to ascii mode
d. put the file (replacing dots with underscores) i.e.
put linuxnode.fullhost.pub linuxnode_fullhost.pub

2. On the VMS box

a. set def to [.ssh] directory
b. edit the authorization. file adding a key statement
key linuxnode_fullhost.pub

3. You should now be able to ssh from linux to VMS without a password.


Scenario TWO. VMS to Linux with no password

1. On the VMS box

a. netme (@sys$manager:tcpip$define_commands)
b. set def sys$Login
c. ssh_keygen [.ssh2]keyname
d. This creates two files in [.ssh2] One called keyname. and one called keyname.pub
e. Add keyname.pub to the IDENTIFICATION. file
IdKey keyname

2. On the linux box
a. ftp (ascii) the file over to the .ssh directory
b. Import the new key into the authorized_keys file
ssh-keygen -i -f keyname.pub >> authorized_keys

-Randy
Steven Schweda
Honored Contributor

Re: ssh/sftp between VMS and linux without password?

> a. set def to [.ssh] directory

"[.ssh2]"?

> 1. On the VMS box
> [...]

Or, with some fooling around, one can
reformat a Linux key file, and use the same
data for both directions. Making a key file
set on VMS will, however, illustrate the
format differences nicely, so it can be
useful in any case. Also, "ssh-keygen" on
Linux may be able to re-format VMS (SSH2)
key files into OpenSSH-compatible files.
(Perhaps "-X" or "-i". Works on Solaris.)