- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- ssh from unix to vms without passwords
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2008 03:07 PM
тАО10-23-2008 03:07 PM
ssh from unix to vms without passwords
- Tags:
- ssh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2008 03:38 PM
тАО10-23-2008 03:38 PM
Re: ssh from unix to vms without passwords
Convert the keys on Solaris. Using your private key convert to a new public key. Something like
$ ssh-keygen -e -f private key .file > vms publick .key.file
where
-e Extract/convert from OpenSSH private key file to SECSH publick key format
On the VMS side load into the correct directory and test.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2008 03:44 PM
тАО10-23-2008 03:44 PM
Re: ssh from unix to vms without passwords
as to what's wrong.
> [...] copied the public key from the
> Solaris system to the VMS system [...]
With the correct format, or the format which
Solaris SSH software likes? They differ.
I made my keys on VMS (SSH2 format), and used
"ssh-keygen -X" ("-i" on newer versions) to
convert them to the OpenSSH format favored by
the Solaris software. I'm not sure if its
as easy to go the other way using the Solaris
ssh-keygen program. Alternatively, make some
keys on the VMS system, study the format, and
convert the Solaris-friendly keys manually.
Being able to see "ssh -v [...]" output
and/or key file data (even mutilated) might
be helpful. A Forum search might also find
several past similar discussions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2008 04:26 PM
тАО10-23-2008 04:26 PM
Re: ssh from unix to vms without passwords
> file and the private key on the VMS is in
> the identificaiton file.
Too vague. On Solaris, ~/.ssh/identity (or
id_dsa, ...) and ~/.ssh/authorized_keys
contain actual key data. On VMS,
[.SSH2]IDENTIFICATION. and
[.SSH2]AUTHORIZATION. contain keywords and
file names, and those _files_ contain the key
data. For example:
alp $ type [.SSH2]AUTHORIZATION.
KEY SMS_ID_DSA_1024_A.PUB
KEY SMS_NPP_ID_DSA_1024_A.PUB
alp $ type [.SSH2]IDENTIFICATION.
IdKey SMS_NPP_ID_DSA_1024_A
alp $ type [.SSH2]SMS_NPP_ID_DSA_1024_A.PUB
---- BEGIN SSH2 PUBLIC KEY ----
Subject: sms
Comment: "1024-bit dsa, sms@alp.antinode.org, Fri Jun 27 2003 03:57:52"
AAA[...]
[...]
[...]8WQ=
---- END SSH2 PUBLIC KEY ----
alp $ type [.SSH2]SMS_NPP_ID_DSA_1024_A.
---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
Subject: sms
Comment: "1024-bit dsa, sms@alp.antinode.org, Thu Jul 24 2003 03:43:07"
P2/[...]
[...]
[...]dOw==
---- END SSH2 ENCRYPTED PRIVATE KEY ----
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2008 04:31 PM
тАО10-23-2008 04:31 PM
Re: ssh from unix to vms without passwords
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-27-2008 08:24 AM
тАО10-27-2008 08:24 AM
Re: ssh from unix to vms without passwords
I found editing the ssh server config file on VMS (SSHD2_CONFIG.;) and setting "VerboseMode yes" helpful in determining where the connection from UNIX is failing.
KC
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-29-2008 06:38 AM
тАО10-29-2008 06:38 AM
Re: ssh from unix to vms without passwords
On Mac:
cd
ssh-keygen
cd .ssh
ssh-keygen -e -f id_rsa > EXAMPLE.PUB
cat > AUTHORIZATION << EOF
KEY EXAMPLE.PUB
EOF
sftp user@vms
mkdir SSH2
cd SSH2
put AUTHORIZATION
put EXAMPLE.PUB
After this ssh/sftp immediately worked using publickey (was prompted for passphrase, not password).
Then I also did the following:
ssh user@vms
(passphrase, no password :)
set default [.SSH2]
set security/prot=(g,w) AUTHORIZATION.
set security/prot=(g:re,w:r) EXAMPLE.PUB
and logged out and back in.
So for Unix to VMS, the naming of the key file doesn't seem to be important - and we should use default RSA, not DSA here.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-29-2008 07:24 AM
тАО10-29-2008 07:24 AM
Re: ssh from unix to vms without passwords
Why?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-29-2008 09:56 AM
тАО10-29-2008 09:56 AM
Re: ssh from unix to vms without passwords
> Why?
What I meant was just "this example uses RSA, not DSA".
I don't know the practical difference between them. Noticed that ssh_keygen on VMS uses DSA by default, while OpenSSH uses RSA by default. And I used OpenSSH. If you have any specific recommendations either way, please share.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-29-2008 10:14 AM
тАО10-29-2008 10:14 AM
Re: ssh from unix to vms without passwords
There are the usual arguments around speed and security and which one is preferred by the government and such, but the distinctions (still) tend to be negligible in the current reality.
Like the recent reports of GPU-accellerated WPA PSK WiFi attacks, pick a good pass phrase and a reasonably long bit length and you should be good to go.
But best to watch for attacks, both against your servers and generic attacks against the underlying algorithms.