HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- SFTP setup summary
Operating System - OpenVMS
        1839278
        Members
    
    
        2019
        Online
    
    
        110138
        Solutions
    
Forums
        Categories
Company
Local Language
                
                  
                  back
                
        
                
        
                
        
                
        
        
        
                
        
                
        
        
        
                
        
              
              Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
                
                  
                  back
                
            
                
            
                
            
                
            
                
            
                
            
                
            
                
            
                
            
                
            
                
            
                
            
                
            
                
            
                
            
                
            
                
            
            
                
            
                
            
                
            
                
            
            
                
            
                
            
            
                
            
                
              
            Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
        Information
        Community
Resources
Community Language
        Language
        Forums
Blogs
Topic Options
			
				
					
	
			
		
	- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2011 04:50 AM
05-13-2011 04:50 AM
			
				
					
						
							SFTP setup summary
						
					
					
				
			
		
	
			
	
	
	
	
	
			
				
					
					
						I have spent some time recently trying to understand how to create private/public keys. This is a summary of my understanding which may be of use to others.
Configuration for password-less communication between user a1 on VMS host v1 to user a2 on VMS host v2 using private/public key pairs.
1. sftp to both a1@v1 and a2@v2. This will create the [.ssh2] directory correctly.
2. in user a1 directory ssh2
$ @SYS$MANAGER:TCPIP$DEFINE_COMMANDS.COM
$ ssh_keygen "-P"
This produces private key ID_DSA_2048_A. and public key ID_DSA_2048_A.PUB
$ rename ID_DSA_2048_A. a1_v1.
$ rename ID_DSA_2048_A.PUB a1_v1.pub
$ set prot=w:r A.PUB a1_v1.pub ! Everybody can read public key
$ set prot=(g,w) A.PUB a1_v1. ! Private key remains private
$ create IDENTIFICATION.
Idkey ID_DSA_02048_A
$ create AUTHORIZATION.
KEY A2_V2.PUB
$ copy/ftp a1_v1.pub v2"a2 password"::[.ssh2]
3. repeat correspondingly for user a2
4. Now sftp should work in both directions
from a1
$ sftp a2@v2
From a2
$ sftp a1@v1
NB IDENTIFICATION. Is users private key (no '.')
AUTHORIZATION. Is list of strangers public keys
Comunication between a1 on VMS host v1 to a3 on Unix host u1
1. in a3
~> cd .ssh
~/.ssh> ssh-keygen -t rsa
This produces private key id_rsa and public key id_rsa.pub
2. convert public key to vms format
ssh-keygen -e -f key id_rsa.pub > a3_u1.pub
3. ftp a3_u1.pub to a1 directory ssh2
4. ftp a1_v1.pub from user a1 to .ssh as a1_v1.pub_vms
5. convert to OpenSSH format
Ssh_keygen -i -f a1_v1.pub_vms > a1_v1.pub
6. Add to authorized keys
Cat a1_v1.pub authorized_keys
7. sftp should now work
Sftp a1@v1
8. Repeat for user a2 on v2, but do
Cat a1_v1.pub a2_v2.pub > authorized_keys
9. In user a1 on host v1 append the line 'KEY a3_u1.PUB' to AUTHORIZATION.
10 sftp should now work
Sftp a3@u1
					
				
			
			
				
			
			
				
			
			
			
			
			
			
		
		
		
	
	
	
Configuration for password-less communication between user a1 on VMS host v1 to user a2 on VMS host v2 using private/public key pairs.
1. sftp to both a1@v1 and a2@v2. This will create the [.ssh2] directory correctly.
2. in user a1 directory ssh2
$ @SYS$MANAGER:TCPIP$DEFINE_COMMANDS.COM
$ ssh_keygen "-P"
This produces private key ID_DSA_2048_A. and public key ID_DSA_2048_A.PUB
$ rename ID_DSA_2048_A. a1_v1.
$ rename ID_DSA_2048_A.PUB a1_v1.pub
$ set prot=w:r A.PUB a1_v1.pub ! Everybody can read public key
$ set prot=(g,w) A.PUB a1_v1. ! Private key remains private
$ create IDENTIFICATION.
Idkey ID_DSA_02048_A
$ create AUTHORIZATION.
KEY A2_V2.PUB
$ copy/ftp a1_v1.pub v2"a2 password"::[.ssh2]
3. repeat correspondingly for user a2
4. Now sftp should work in both directions
from a1
$ sftp a2@v2
From a2
$ sftp a1@v1
NB IDENTIFICATION. Is users private key (no '.')
AUTHORIZATION. Is list of strangers public keys
Comunication between a1 on VMS host v1 to a3 on Unix host u1
1. in a3
~> cd .ssh
~/.ssh> ssh-keygen -t rsa
This produces private key id_rsa and public key id_rsa.pub
2. convert public key to vms format
ssh-keygen -e -f key id_rsa.pub > a3_u1.pub
3. ftp a3_u1.pub to a1 directory ssh2
4. ftp a1_v1.pub from user a1 to .ssh as a1_v1.pub_vms
5. convert to OpenSSH format
Ssh_keygen -i -f a1_v1.pub_vms > a1_v1.pub
6. Add to authorized keys
Cat a1_v1.pub authorized_keys
7. sftp should now work
Sftp a1@v1
8. Repeat for user a2 on v2, but do
Cat a1_v1.pub a2_v2.pub > authorized_keys
9. In user a1 on host v1 append the line 'KEY a3_u1.PUB' to AUTHORIZATION.
10 sftp should now work
Sftp a3@u1
- Tags:
- sftp
		2 REPLIES 2
	
	            
            
		
		
			
            
                - Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2011 08:16 AM
05-13-2011 08:16 AM
			
				
					
						
							Re: SFTP setup summary
						
					
					
				
			
		
	
			
	
	
	
	
	
			
				
					
					
						> [...] Unix host [...]
> [...] OpenSSH [...]
The details may vary according to which
UNIX(-like) OS and SSH software are involved.
Tru64, for example, may use the same key
format as VMS.
> ~/.ssh> ssh-keygen -t rsa
Any reason to select RSA here, but DSA on the
VMS system?
> 6. Add to authorized keys
> Cat a1_v1.pub authorized_keys
"Add to" would look more like:
cat a1_v1.pub >> authorized_keys
And "Cat" and "cat" are not the same things
in a typical UNIX(-like) environment. Same
for "Ssh_keygen" and "ssh-keygen".
> 8. Repeat for user a2 on v2, but do
> Cat a1_v1.pub a2_v2.pub > authorized_keys
Again, ">>", unless you wish to lose any
existing content in "authorized_keys".
That new copy+paste technology I've read
about is supposed to be able to help reduce
transcription errors in situations like this.
		
		
	
	
	
> [...] OpenSSH [...]
The details may vary according to which
UNIX(-like) OS and SSH software are involved.
Tru64, for example, may use the same key
format as VMS.
> ~/.ssh> ssh-keygen -t rsa
Any reason to select RSA here, but DSA on the
VMS system?
> 6. Add to authorized keys
> Cat a1_v1.pub authorized_keys
"Add to" would look more like:
cat a1_v1.pub >> authorized_keys
And "Cat" and "cat" are not the same things
in a typical UNIX(-like) environment. Same
for "Ssh_keygen" and "ssh-keygen".
> 8. Repeat for user a2 on v2, but do
> Cat a1_v1.pub a2_v2.pub > authorized_keys
Again, ">>", unless you wish to lose any
existing content in "authorized_keys".
That new copy+paste technology I've read
about is supposed to be able to help reduce
transcription errors in situations like this.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-16-2011 05:07 AM
05-16-2011 05:07 AM
			
				
					
						
							Re: SFTP setup summary
						
					
					
				
			
		
	
			
	
	
	
	
	
			
				
					
					
						Just for general info
					
				
			
			
				
			
			
				
			
			
			
			
			
			
		
		
		
	
	
	
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
		
	
	
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP
