[Info-vax] Potential loss of data problem in sftp client in TCP/IP Services ?
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Tue Mar 13 07:09:18 EDT 2012
On 2012-03-13, Jan-Erik Soderholm <jan-erik.soderholm at telia.com> wrote:
> Simon Clubley wrote 2012-03-13 11:21:
>> On 2012-03-13, Jan-Erik Soderholm<jan-erik.soderholm at telia.com> wrote:
>>>
>>> I tried to run a few quick tests on my 8.4 (Alpha) TCPIP 5-7 ECO3 system,
>>> but gave up after a number of different errors like "wrong SSH2 version".
>>> I never understood what was the problem... :-)
>>>
>>
>> Was this during authentication ?
>>
>> Regardless of which point this was at, that doesn't sound healthy...
>>
>> Yet another problem I discovered during my early testing was that the
>> VMS sftp client would not switch to password mode after trying and
>> failing (as expected) to perform a certificate based authentication.
>>
>> This was against one specific sftp server, but the Linux sftp client
>> had no problem with that server.
>>
>> In the end, I had to force the use of password based authentication only
>> by using the option
>>
>> sftp -o "AllowedAuthentications password"
>>
>> on the command line. You may have more luck using the same option.
>>
>> Simon.
>>
>
> OK.
> Now, I guess it was not the intention to check *my* system... :-)
>
The idea is to test the sftp _client_ image supplied as part of
TCP/IP V5.7 ECO3 against a sftp server which can be reasonably
assumed to be a "known good" sftp server.
> FWIW, here is what I get :
>
> $ sftp -o "AllowedAuthentications password" "<user>@localhost"
>
> warning: Authentication failed.
> FATAL: ssh2 client failed to authenticate. (or you have too
> old ssh2 installed,)
> Disconnected; connection lost (Connection closed by remote host.).
>
Thanks for trying. When I had this problem, with the same error
message, forcing password authentication as the only valid
authentication option worked. If you are interested in finding out
why it doesn't work for you, adding "-D 5" after the sftp command
will reveal _lots_ of debugging information.
> I *can* use Reflection FTP in SFTP mode against the same user
> on the VMS box. Refletion says (about the server) :
>
> "SSH-2.0-3.20 SSH OpenVMS V5.5 VMS_sftp_version 3"
>
> Anyway, I don't feel I'm of any greater help here... :-)
>
I do appreciate you trying.
I've just tried connecting to the TCP/IP VMS sftp server (up until
now all my tests have been with sftp servers on other hosts) and
I am also seeing a loss of connection, but after the password has
been accepted.
Looking in [tcpip$ssh]tcpip$ssh_run.log shows:
/sys$system/tcpip$ssh_sftp-server2: non-translatable vms error code: 0x2A14
%system-f-exbytlm, exceeded byte count quota
%TCPIP-E-SSH_ERROR, non-specific error condition
error, which is _really_ informative. (It would be nice if VMS
output the _actual_ quota been exceeded. :-))
BTW, I've now tried it with Eisner as the remote sftp server and I am
seeing file corruption there as well. Support have come back to me and
confirmed the corruption problem in the Engineering images. No word yet
on if V5.7 ECO3 is affected.
Thanks for having tried,
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
More information about the Info-vax
mailing list