HPE Community
Operating System - OpenVMS
1828161 Members
2498 Online
109975 Solutions
New Discussion

Re: Not able to transfer file from VMS to Unix without using password

 
santoshpandey02
Occasional Advisor

‎04-21-2008 11:44 PM

‎04-21-2008 11:44 PM

Not able to transfer file from VMS to Unix without using password

Hello everyone,
I am not able to transfer file from VMS server to Unix server without using password. I have created private and public key using ssh_keygen2 utility and then created authorization and identification file in same [.ssh2] directory. Then I am starting the SSH-AGENT2 and SSH-ADD utility.

I am creating a .ssh2 directory (mkdir .ssh2) in Unix server and then using SCP2 command (SCP2 "username@IP address:.ssh2/") to transfer the public key to .ssh2 directory in Unix server.

Once file is transferred to unix server I am logging to Unix server and using following command for generating authorized key (ssh-keygen -i -f ID_DSA_2048_A.PUB >> authorized keys), which creates a file with name "authorized" in .ssh2 directory in Unix server.
Now I am using "SCP2 "username@Ip address of unix server:target directory/" in VMS server for file transfer and again getting promted for password.

I am not sure whether I am missing any step in between. Also I dont know whether its a configuration issue. Please help me.

Thanks in advance
Regards,
Santosh
0 Kudos
Reply
14 REPLIES 14
Richard Whalen
Honored Contributor

‎04-22-2008 02:04 AM

‎04-22-2008 02:04 AM

Re: Not able to transfer file from VMS to Unix without using password

do the configuration files authorize public key authentication?

For the (VMS) client side [.SSH2]ssh2_config.
For the (Unix) server side it will sshd2_config. in the directory in which the SSH images live.
0 Kudos
Reply
santoshpandey02
Occasional Advisor

‎04-22-2008 02:12 AM

‎04-22-2008 02:12 AM

Re: Not able to transfer file from VMS to Unix without using password

Hi Richard,

I have modified the ssh2_config. file by adding following line

AllowedAuthentications publickey, password

and sshd2_config file by adding

AllowedAuthentications publickey


Anything else I need to perform here?
0 Kudos
Reply
Wim Van den Wyngaert
Honored Contributor

‎04-22-2008 02:32 AM

‎04-22-2008 02:32 AM

Re: Not able to transfer file from VMS to Unix without using password

Run scp2 with /debug=99 and post the result (in enclosure).

Did you make the private key well protected ?

Wim
Wim
Reply
santoshpandey02
Occasional Advisor

‎04-22-2008 03:51 AM

‎04-22-2008 03:51 AM

Re: Not able to transfer file from VMS to Unix without using password

Hi Wim,

thanks for your reply.

Both private and public key is protected using following command:

$ SET FILE/PROTECTION=(S,W,G,O:RW) ID_RSA_1024_A.;1

$ SET FILE/PROTECTION=(S,W:R,G,O) ID_RSA_1024_A.PUB;1

scp2 "-D 99" test1.dat "username@IP address":

Error Log:
===============
debug(22-APR-2008 17:17:29.16): SshADTList/SSHADT_LIST.C:454: Invoking callback @29cd0.
debug(22-APR-2008 17:17:29.16): SshADTList/SSHADT_LIST.C:454: Callback @29cd0 returned.
debug(22-APR-2008 17:17:29.16): SshADTList/SSHADT_LIST.C:419: Detach: handle=521b2c
debug(22-APR-2008 17:17:29.17): SshADTList/SSHADT_LIST.C:454: Invoking callback @29cd0.
debug(22-APR-2008 17:17:29.17): SshADTList/SSHADT_LIST.C:454: Callback @29cd0 returned.
debug(22-APR-2008 17:17:29.17): SshADTList/SSHADT_LIST.C:69: Reference to non-existent callback (doing nothing).
debug(22-APR-2008 17:17:29.17): SshADTList/SSHADT_LIST.C:419: Detach: handle=521b6c
debug(22-APR-2008 17:17:29.17): SshADTList/SSHADT_LIST.C:454: Invoking callback @29cd0.
debug(22-APR-2008 17:17:29.17): SshADTList/SSHADT_LIST.C:454: Callback @29cd0 returned.
debug(22-APR-2008 17:17:29.17): SshADTList/SSHADT_LIST.C:69: Reference to non-existent callback (doing nothing).
debug(22-APR-2008 17:17:29.17): SshADTList/SSHADT_LIST.C:69: Reference to non-existent callback (doing nothing).
debug(22-APR-2008 17:17:29.17): SshADTList/SSHADT_LIST.C:69: Reference to non-existent callback (doing nothing).
debug(22-APR-2008 17:17:29.17): SshADTList/SSHADT_LIST.C:69: Reference to non-existent callback (doing nothing).
debug(22-APR-2008 17:17:29.17): SshADTList/SSHADT_LIST.C:69: Reference to non-existent callback (doing nothing).
debug(22-APR-2008 17:17:29.17): SshADTMap/SSHADT_MAP.C:117: map cleared.
debug(22-APR-2008 17:17:29.17): SshADTMap/SSHADT_MAP.C:129: Reference to non-existent callback (doing nothing).
debug(22-APR-2008 17:17:29.17): SshConfig/SSHCONFIG.C:2794: Freeing pki. (host_pki = NULL, user_pki = NULL)
tcpip$ssh_scp2.exe:SshEventLoop/SSHUNIXELOOP.C:1302: Select.
tcpip$ssh_scp2.exe:SshEventLoop/SSHUNIXELOOP.C:627: Got signal number: 20
tcpip$ssh_scp2.exe:ssh_sigchld_real_callback
tcpip$ssh_scp2.exe:ssh_sigchld_process_pid: calling handler pid 118090 code 131
tcpip$ssh_scp2.exe: warning: child process (/sys$system/tcpip$ssh_ssh2) exited with code 131.


%TCPIP-E-SSH_FC_ERROR, error in ssh file transfer operation
===========================================
Please help me to find the solution. If you have any document with proper steps for setting the public key on unix server then you can send it to me.
0 Kudos
Reply
Steven Schweda
Honored Contributor

‎04-22-2008 06:50 AM

‎04-22-2008 06:50 AM

Re: Not able to transfer file from VMS to Unix without using password

"Unix server" is not a complete (or useful)
description.

"VMS" is not any better.
TCPIP SHOW VERSION (or whatever works)
ssh "-V"

Many UNIX systems use a different directory,
and different key file formats, so simply
copying the VMS key files to "~/.ssh2" may
(probably will?) not work.

I'd also start with a simple SSH command,
like "ssh -v user@unix_host" rather than any
SCP command, until you get that much to work.

A forum search may find old threads showing
examples of using "ssh-keygen -X" or
"ssh-keygen -i" to import VMS-style,
SSH2-compatible format key data on the UNIX
system. (Or "man ssh-keygen".)
Reply
Hoff
Honored Contributor

‎04-22-2008 06:53 AM

‎04-22-2008 06:53 AM

Re: Not able to transfer file from VMS to Unix without using password

For reference and for completeness, this current thread originally started within the following thread:

http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1138560

Reply
santoshpandey02
Occasional Advisor

‎04-23-2008 12:41 AM

‎04-23-2008 12:41 AM

Re: Not able to transfer file from VMS to Unix without using password

Hi Hoff/Steven

Please find the steps which I have followed for the environment setup, please let me know what i have missed here,

========================================

SSH installation detail:

OpenVMS (version V7.3-2-03) - SSH-2.0-3.2.0 SSH Secure Shell OpenVMS V5.5 VMS_sftp_version 2

Unix - SSH-1.99-OpenSSH_4.2

Steps for environment setup:

Step 1.

Create public and private key,

$ ssh_keygen2

Passphrase :(Enter)
Again :(Enter)

will create following files in [.SSH2] directory,

ID_DSA_2048_A.;1 (Private)
ID_DSA_2048_A.PUB;1 (Public)

It is advisable to rename both the files by adding your login intial at the beggining of the file name (Only for identification purpose),

$ REN ID_DSA_2048_A.;1 SANTOSH_ID_DSA_2048_A
$ REN ID_DSA_2048_A.PUB;1 SANTOSH_ID_DSA_2048_A.PUB

Create IDENTIFICATION and AUTHORIZATION file,

$ Edit IDENTIFICATION

Add following line and save the file,

IDKEY SANTOSH_ID_DSA_2048_A

$ Edit AUTHORIZATION (This file is not required if the target server is UNIX)

Add following line and save the file,

KEY SANTOSH_ID_DSA_2048_A.PUB

Step 2:

.SSH directory created in home directory of Unix server (I have tried the same with .ssh2 directory but not able to get any success)

SCP2 is used to copy the public key from [.SSH2] to .SSH directory of Unix server

$ scp2 ID_DSA_2048_A.PUB "username@:.ssh/"

While copying It is prompting for password, as first time I am copying a file to target server (It is expected)

Step 3:

Login to Unix server and create authorized key using public key, which is copied from VMS server

$ cd .ssh
$ ssh-keygen -i -f id_dsa_2048_a.pub >> authorized_keys ( a file authorized_keys created in .ssh directory)


(I have tried the same using following command from VMS server without any success,
$ ssh "username@" ssh-keygen -i -f id_dsa_2048_a.pub >> .ssh/authorized_keys
)

Step 4:

Now from VMS server when I am copying any file to Unix server,

$ scp2 SFTP_COPY.TAKE "username@134.46.252.17:sftp_test/"

(Now, it should not prompt for the password as public key is already copied to the target server, but every time it is prompting for the password)

=========================================================================================================================

Queries:

1. Please let me know if I am missing any step here.
2. I have found here that SSH sercure shell is available on source but OpenSSH is available on target, Is that creating problem here?
3. Is there any extra setup is required in target server or source server?
4. I have tried the same with SFTP2 command but getting the same issue (prompted for the password each time).
5. I have tried through batch mode but it was failing (Using SFTP with batchfile as input).

Please provide the exact step for setting the environment and with configuration setting (if any extra setting is required)

=========================================
0 Kudos
Reply
santoshpandey02
Occasional Advisor

‎04-23-2008 12:50 AM

‎04-23-2008 12:50 AM

Re: Not able to transfer file from VMS to Unix without using password

Please note that I have not renamed the public or private key with santosh_id_dsa_2048_a or santosh_id_dsa_2048_a.pub so you can consider only id_dsa_2048_a (private) and id_dsa_2048_a.pub (as public key)

0 Kudos
Reply
Wim Van den Wyngaert
Honored Contributor

‎04-23-2008 01:58 AM

‎04-23-2008 01:58 AM

Re: Not able to transfer file from VMS to Unix without using password

Was the error log you posted complete ?
Nothing on Unix ?

Did you try to switch case in the username ?

Did you try using a IP name instead of address ?

http://www.openssh.com/faq.html#3.14 ?

Wim
Wim
Reply
Wim Van den Wyngaert
Honored Contributor

‎04-23-2008 02:03 AM

‎04-23-2008 02:03 AM

Re: Not able to transfer file from VMS to Unix without using password

The authorized_keys file, isn't that a SSH1 file ? I used it once with for SSH tunnels and just pasted the public key into it.

To get KEA!X in the putty tunnel in ssh2 took me several days.

Wim
Wim
Reply
santoshpandey02
Occasional Advisor

‎04-23-2008 02:51 AM

‎04-23-2008 02:51 AM

Re: Not able to transfer file from VMS to Unix without using password

Wim,

I have tried with IP address but failed.
Also, I am not aware of switch case in the username?

in the given link Doug is telling that he is able to transfer file from VMS to Unix successfully, but steps are not given in the link
http://forums11.itrc.hp.com/service/forums/questionanswer.do?admit=109447626+1208795880611+28353475&threadId=1138560

Some of his commnets are like this:

=====================================
Hello everyone:
I've been wrestling with the setup of sftp from a vms system to a unix system, utilizing batch mode (e.g. sftp "-B" "filename.com" remoteuser@remotehost.com)

I got it working and now the application support group has given me a list of accounts which require access to this function.

No problem, I simply have to copy the public keys and the identification. file to the ssh2 directory of each user and that's it.

=====================================
0 Kudos
Reply
Wim Van den Wyngaert
Honored Contributor

‎04-23-2008 03:01 AM

‎04-23-2008 03:01 AM

Re: Not able to transfer file from VMS to Unix without using password

Can't help because I'm on multinet and old 7.3. There are 2 versions of the protocol : SSH1 and SSH2. I think you did a mix.

Switch case : try in lowercase username and also in uppercase.

Wim
Wim
Reply
Steven Schweda
Honored Contributor

‎04-23-2008 05:54 AM

‎04-23-2008 05:54 AM

Re: Not able to transfer file from VMS to Unix without using password

> I'd also start with a simple SSH command,
> like "ssh -v user@unix_host" rather than any
> SCP command, until you get that much to work.

Still true.

Anything interesting in the system logs on
the (still unidentified?) UNIX system?

ls -ld .ssh
ls -l .ssh

> 2. I have found here that SSH sercure shell
> is available on source but OpenSSH is
> available on target, Is that creating
> problem here?

Probably not an insoluble problem. Around
here:

alp $ tcpip show version

HP TCP/IP Services for OpenVMS Alpha Version V5.4 - ECO 6
on a COMPAQ Professional Workstation XP1000 running OpenVMS V7.3-2

alp $ ssh "-V"
alp$dka0:[sys0.syscommon.][sysexe]tcpip$ssh_ssh2.exe: SSH Secure Shell OpenVMS (
V5.5) 3.2.0 on COMPAQ Professional Workstation - VMS V7.3-2


alp $ ssh sms@ra
Authentication successful.
Last login: Wed Apr 23 08:32:44 2008 from alp-l.antinode.
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
-bash-3.1$ ssh -V
Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
-bash-3.1$


alp $ ssh sms@dy
Authentication successful.
Last login: Wed Apr 23 08:44:18 2008 from alp-l.antinode.

dy $ ssh -V
OpenSSH_4.3p2-hpn, OpenSSL 0.9.7i 14 Oct 2005
HP-UX Secure Shell-A.04.30.006, HP-UX Secure Shell version
dy $


alp $ ssh sms@smacg4
Authentication successful.
Last login: Tue Apr 22 14:04:47 2008
Welcome to Darwin!
smacg4:~ sms$ ssh -V
OpenSSH_4.7p1, OpenSSL 0.9.7l 28 Sep 2006
smacg4:~ sms$


Of course, those are _my_ UNIX (or UNIX-like)
systems, not yours, and yours could be
different.
Reply
Amin Wahi
New Member

‎08-25-2009 09:52 AM

‎08-25-2009 09:52 AM

Re: Not able to transfer file from VMS to Unix without using password

I ran into the same issue. I found a fix that worked for me. Make sure "~/.ssh/authorized_keys" in your destination server has the permissions set to mode 600. All your other steps are correct.

Regards,
Amin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.