[Info-vax] SSH / SFTP troubles

Mon Aug 6 04:01:41 EDT 2012

On Saturday, August 4, 2012 12:55:28 AM UTC+1, Simon Clubley wrote:
> On 2012-08-03, GerMarsh <marsh.family at removed.com> wrote:
> 
> > On Thursday, August 2, 2012 5:36:37 PM UTC+1, Steven Schweda wrote:
> 
> >> > This used to be known as Hummingbird and is a Windows 7
> 
> >> 
> 
> >> > client. Using password authentication it works a treat!
> 
> >> 
> 
> >>    And what happens with password authentication "from one
> 
> >> 
> 
> >> VMS system to another"?
> 
> >> 
> 
> > That is a very good point - it merely asks for my password three times then
> 
> > comes up with the usual "No further authentication methods available".
> 
> >
> 
> > I note too that it does clock up intrusion records as well as clocking up
> 
> > failures in the UAF. The audit journal contains...
> 
> > Remote username:          SSH_23529361
> 
> > Status:                   %LOGIN-F-NOTVALID, user authorization failure
> 
> >
> 
> >I'm positive I am entering the password correctly as I can set host to it no
> 
> > problem.
> 
> >
> 
> 
> 
> One of the SFTP/SSH problems I encountered was that when certificates and
> 
> passwords were both allowed options, I could not login using a password
> 
> when connecting to some SFTP/SSH servers.
> 
> 
> 
> I'm at home so I don't have the correct command to hand, but I had to
> 
> force password only authentication from the command line before I could
> 
> login to the server when using the VMS SFTP client. (The Linux sftp/ssh
> 
> client worked just fine without any problems when connecting to the
> 
> server.)
> 
> 
> 
> As this is from memory, the syntax may be wrong, but try something like:
> 
> 
> 
> $ sftp -o "AllowedAuthentications password" {rest of sftp/ssh command line}
> 
> 
> 
> Also, I am assuming you have checked the login isn't been rejected because
> 
> you happen to have triggered breakin evasion.
> 
> 
> 
> Simon.
> 
> 
> 
> -- 
> 
> Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
> 
> Microsoft: Bringing you 1980s technology to a 21st century world

Thank you, Simon - I'll give it a try.

I went back to basics and used only password authentication but could not login. The attempts count was incremented in the UAF and I did clear the intrusion records. However, I established an SSH tunnel from Windows7 to the VMS server side without any problem! I suspect that the SSH client has "some issues". I'll try it again after we apply the latest patches.