[Info-vax] OpenVMS SSH to freeSSHd on Windows

Steven Schweda sms.antinode at gmail.com
Sun Nov 13 11:07:43 EST 2011 

On Nov 13, 12:50 am, Sum1 <n... at here.com> wrote:

> [...] Also included the
> information (5.6-9) of a show ver/all in the initial problem
> description to be helpful - sorry it wasn't for you.

   Sorry, it wasn't immediately obvious to me from which
piece of thin air that number was pulled.  Weak psychic
powers, you know.

> And neither can I as the Windows-based server only returns the
> information that it won't accept the certificate.

   And there's no useful log file on the server system?

> Nor any of the "ssh -v" diagnostics.

   Still true.

> No, you can't see the certificates - sorry. [...]

   Sigh.  I was more interested in the general format than in
the ultra-secret bits.  Have _you_ looked at them, or are
they too ultra-secret for that, too?

> Perhaps you misunderstand?  freeSSHd on Windows is the
> server, VMS is the client.  No problem generating
> certificates,

   That part was clear enough.

>  testing SSH - JUST NOT ON THE SERVER WHERE I
> STATED THE CONVERSION MUST BE UNDERSTAKEN!!!!

   That part is a complete mystery..  Especially the loud
part.  (All-upper-case does not actually make it clearer.)

> It's really not important where the conversion takes place.
> [...]

   What he said.

> [...] The typical solution is to convert the VMS
> certificates on the server (not the VMS client) but there are
> no SSH capabilities, other than SSH service/daemon on the
> Windows server.

   No, the typical solution is to convert the key files
anywhere you can find an appropriate key file conversion
program.  Actually, I'd expect any SSH server to have some
key generation capability, because I'd expect it to be able
to generate its own host keys somehow (without external
help).  As I haven't see any useful documentation on this
particular SSH server, I have no idea how much (or little)
key generation/conversion capability it has (or makes
available to a normal victim).

   I've asked twice, but I still have no idea where you're
making your keys files.  (Or what you're doing with them
after they're made, but if you got the non-VMS systems to
work, then there may be some chance that you're doing
something right there.)

> [...] clients using Windows (XP, 7, Server2003,
> Server2008), OSX, Tru64, AIX, Solaris10, Ubuntu, SuSE,
> Redhat, Debian and FreeBSD [...]

   I'd expect that somewhere in that pile, you could find an
ssh-keygen program which can do the required key file format
conversion.

> [...] not a Tru64 user and no access to a system [...]

   And yet, you claim that this stuff all works there.  As I
said before, around here, using the SSH stuff supplied with
Tru64 (rather than OpenSSH, which is probably available
there, too), the key files look like the ones on VMS, so it's
(still) not immediately clear why VMS is more troublesome
than Tru64.

> [...] I was hoping that there may have been a VMS-based
> solution to convert the certificates.

   Sadly, that hope was ill-founded.  As has been stated
before, an OpenSSH ssh-keygen program should be able to do
the conversion.

More information about the Info-vax mailing list