Versions Compared

Comment: typo

...

Notes
  • The prompts will tell you where to execute the commands: "Tru64#" (root user) or "Linux#" (root user)
  • Remember Linux/Unix is case sensitive
  • If the hosts are not known to each other, add them, for example, to the /etc/hosts file (using vi, for instance)
  • linuxhost represents the name of your CHARON server (can be any name you want)
  • tru64host represents the hostname of your Tru64 virtual machine
Warning

This part of the documentation is not correct and under review. We apologize for the inconvenience

 

  • Generate the key

Linux# cd /root/.ssh
Linux# ssh-keygen -t rsa

→ Do not specify a passphrase
Linux# ssh-keygen -e -f id_rsa.pub > linuxhost.pub

 

  • Copy the linuxhost.pub file, or use copy/paste, in the /.ssh2 folder on the Tru64 host

  • Define the authorization file:

...

then retry the same command to verify the trust is working.

(lightbulb) If an error occurs, you can check and clean the /root/.ssh/known_hosts file on the Linux host

How to set up ‘ssh’ trusts between Linux and VMS

Notes
  • The prompts will tell you where to execute the commands: "VMS$" (system user) or "Linux#" (root user)
  • Remember Linux/Unix is case sensitive, VMS is not
  • Linux: if VMS host is not known, add it to /etc/hosts for example
  • VMS: if Linux is not known, add it using: $ UCX SET HOST LINUX /ADDR=xx.xx.xx.xx
Warning
This part of the documentation is not correct and under review. We apologize for the inconvenience

 

  • Enable SSH on the VMS server:

    VMS$ SET DEF SYS$LOGIN
    VMS$ @TCPIP$CONFIG

 

  • Select then:
    • Option 3 - Server components then enable and start service SSH, option 19
    • then Option 2 - Enable & Start service on this node

 


    • ...
      * Create a new default server host key? YES: YES
           Creating private key file: TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]HOSTKEY
           Creating public key file: TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]HOSTKEY.PUB
      ...

 

  • If VMS has to connect to Linux, configure the SSH CLIENT:

 

...
* Do you want to configure SSH CLIENT [NO]: YES
...

Select then:

  • Option 2 - Enable & Start service on this node
  • Exit with E twice

 

  • Copy these files from the default SSH user for the SYSTEM one:

 

VMS$ SET DEF SYS$LOGIN
VMS$ CREATE/DIR [.SSH2]
VMS$ COPY TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]HOSTKEY [.SSH2]
VMS$ COPY TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]HOSTKEY.PUB [.SSH2]
VMS$ COPY TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]SSH2_CONFIG [.SSH2]
VMS$ EDIT [.SSH2]SSH2_CONFIG

(warning) Uncomment: BatchMode      yes

(warning) Find and set: AllowedAuthentications               publickey, password

 

  • Generate the key on the Linux server and convert it to be readable by VMS

    Linux# ssh-keygen -t rsa
    → Do not specify a passphrase
    Linux# ssh-keygen -e -f /root/.ssh/id_rsa.pub > /root/.ssh/linuxserver.pub

  • Copy the generated file /root/.ssh/linuxserver.pub (or use copy/paste, between PuTTY sessions for example) to the VMS system in the SYS$SYSROOT:[SYSMGR.SSH2] directory

 

  • Copy the hostkey.pub file from the VMS system to the Linux one:

 

Linux# ssh system@VMS "type [.SSH2]HOSTKEY.PUB" >/root/.ssh/VMS.orig.pub

(warning) Enter YES then the VMS system password

 

...

Linux# ssh-keygen -i -f /root/.ssh/VMS.orig.pub >/root/.ssh/VMS.pub
Linux# cat /root/.ssh/VMS.pub >>/root/.ssh/authorized_keys

 

  • Define the VMS identification file:

 

VMS$ SET DEF SYS$SYSLOGIN
VMS$ SET DEF SYS$SYSROOT:[.SSH2]
VMS$ OPEN/WRITE TMP IDENTIFICATION.
VMS$ WRITE TMP "IDKEY HOSTKEY"
VMS$ CLOSE TMP

...

  • (lightbulb) If this folder does not exist, create it using the following command: $ CREATE /DIRECTORY SYS$SYSROOT:[SYSMGR.SSH2]

 

  • On the VMS system add the Linux server key to the authorized keys:

 


  • VMS$ SET DEF SYS$SYSLOGIN
    VMS$ SET DEF SYS$SYSROOT:[.SSH2]
    VMS$ OPEN/WRITE TMP AUTHORIZATION.

    (warning) If the file already exists, use /APPEND instead of /WRITE
    VMS$ WRITE TMP "KEY LINUXSERVER.PUB"
    VMS$ CLOSE TMP

    (warning) Do not forget the dot at the end of the authorization file name

 

  • Perform some tests (examples)
    (info) Charon server name "charon", vms system name "pluto":

    charon# ssh system@pluto "show system /noproc"
    OpenVMS V7.3-2 on node PLUTO 27-SEP-2013 11:50:14.37 Uptime 0 19:20:07
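
The two key conversions used in the steps above ("ssh-keygen -e" for the Linux key, "ssh-keygen -i" for the VMS host key), as an added example that is not part of the original documentation: it parses the SSH2 (RFC 4716) public key format and compares SHA256 fingerprints before and after conversion, which is the check to make after moving a key file between hosts by copy/paste. The sample key is constructed and unusable, and all function names are assumptions of this example.

```python
import base64
import hashlib
import struct

BEGIN = "---- BEGIN SSH2 PUBLIC KEY ----"
END = "---- END SSH2 PUBLIC KEY ----"

def constructed_openssh_line() -> str:
    """Constructed sample: well-formed ssh-rsa blob with a fake modulus (not a usable key)."""
    def ssh_string(data: bytes) -> bytes:
        return struct.pack(">I", len(data)) + data
    e = (65537).to_bytes(3, "big")
    n = b"\x00" + bytes(range(0x80, 0x100)) * 2   # 2048-bit placeholder value
    blob = ssh_string(b"ssh-rsa") + ssh_string(e) + ssh_string(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " root@linuxhost"

def blob_type(blob: bytes) -> str:
    """The key type is the first length-prefixed string inside the blob."""
    (length,) = struct.unpack(">I", blob[:4])
    return blob[4:4 + length].decode("ascii")

def fingerprint(openssh_line: str) -> str:
    """SHA256 fingerprint in the form printed by `ssh-keygen -l`."""
    blob = base64.b64decode(openssh_line.split()[1], validate=True)
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

def openssh_to_rfc4716(line: str) -> str:
    """Same direction as `ssh-keygen -e`: one-line OpenSSH key to SSH2 (RFC 4716)."""
    fields = line.split()
    blob = base64.b64decode(fields[1], validate=True)
    if blob_type(blob) != fields[0]:
        raise ValueError("key type field does not match key blob")
    body = [fields[1][i:i + 70] for i in range(0, len(fields[1]), 70)]
    comment = " ".join(fields[2:]) or "converted key"
    return "\n".join([BEGIN, f'Comment: "{comment}"', *body, END]) + "\n"

def rfc4716_to_openssh(text: str) -> str:
    """Same direction as `ssh-keygen -i`: SSH2 (RFC 4716) to one-line OpenSSH key."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("missing SSH2 PUBLIC KEY markers")
    body, in_header = [], False
    for ln in lines[1:-1]:
        if in_header or ":" in ln:           # header line, or its "\" continuation
            in_header = ln.endswith("\\")
            continue
        body.append(ln)
    blob = base64.b64decode("".join(body), validate=True)
    return f"{blob_type(blob)} {base64.b64encode(blob).decode()}"
```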

...


 

Shutdown guests with Expect tool

...