[Info-vax] What would you miss if DECnet got the chop? Was: "bad select 38" (OpenSSL on VMS)

Alex Rubens alexrubensnj at gmail.com
Fri Oct 28 08:31:01 EDT 2016 

On Thursday, October 27, 2016 at 9:15:04 PM UTC-4, Kerry Main wrote:
> > -----Original Message-----
> > From: Info-vax [mailto:info-vax-bounces at rbnsn.com] On Behalf
> > Of Alex Rubens via Info-vax
> > Sent: 27-Oct-16 7:55 PM
> > To: info-vax at rbnsn.com
> > Cc: Alex Rubens <alexrubensnj at gmail.com>
> > Subject: Re: [Info-vax] What would you miss if DECnet got the
> > chop? Was: "bad select 38" (OpenSSL on VMS)
> > 
> > Decnet over IP on Phase V is brilliant. The simplicity o
> telling
> > Decnet traffic over designated IP ports allows for the network
> > topology to remain simpler and have a more efficient spanning
> > tree reducing overhead.  Now, if either of the IP stacks
> supported
> > static IP forwarding, like OpenSSH does, we could implicitly
> route
> > tunnel the decent traffic over an SSH tunnel assuring the
> Decnet
> > traffic to be encrypted. Copy/FTP could still be used and be
> > compliant with any security consideration.
> > 
> > 
> 
> [snip...]
> As noted earlier here in c.o.v., Multinet does support DECnet PH
> V over IP.
> 
> Not sure if this is what you were looking for, but here is a
> Multinet link:
> http://www.process.com/docs/multinet5_4/ADMIN_REFERENCE/Ch01.htm#
> E55E58
> "MULTINET SET /ROUTE
> Specifies static IP routing, including the default route. This
> command is invoked automatically by the network startup command
> file generated by the Network Configuration Utility (NET-CONFIG).
> Before making changes with SET /ROUTE, use MULTINET SHOW /ROUTE
> to view the routing information."
> (see qualifiers)
> 
> Regards,
> 
> Kerry Main
> Kerry dot main at starkgaming dot com

. 
Kerry,

The point I raise is not related to the mechanics of setting up Decnet over IP but rather a feature for SSH. OpenSSH supports what they call dynamic port forwarding, which I have not seen within any of the IP stacks for VMS, not UCX, Multiunit or TCPWARE. Dynamic port forwarding takes all outbound traffic  for a designated port and tunnels over SSH. Typically they use the example for FTP, port 21, or telnet  port 23.

What we have on VMS is port forwarding on the per user basis, by forwarding within ssh_config. or ssh2_config. within the [.ssh2] directory.  You set a port, like 2021 to a specific IP spec using port 22, then open that ssh session as the tunnel. One would ftp to localhost port 2021 and be routed to that remote .
server over that SSH tunnel.

OpenSSH forwarding is setup in sshd_config  within /etc and forwards all traffic out on the given port over an ssh tunnel that is created at the time you start an ftp client session, for instance.

More information about the Info-vax mailing list