SSH server for OpenVMS
The SSH (Secure SHell) protocol uses encrypted network (TCP/IP) connections
to allow remote client machines to access a server machine securely. Via SSH
the client may execute commands on the server machine, login via a
pseudo-terminal, create a proxy X11 server, or tunnel other TCP/IP connections
over the secure connection. The SSH server for OpenVMS allows SSH clients
to connect to OpenVMS systems.
The SSH 1.5 protocol is used by OpenVMS SSH
server, it does not currently support the new SSH 2.0 protocol.
Requirements
- OpenVMS 6.2 or higher.
- DECC compiler 5.4 or higher (no provisions made for VAX C compatibility)
- DEC TCP/IP Services for OpenVMS (UCX) or other TCP/IP package (Multinet)
with UCX emulation.
- SSLeay 0.8.1 with patch to support RSA_NO_PADDING encryption applied.
(Note: RSAREF option DOES NOT WORK, you must build SSLeay without it)
Distribution
- The server software is distributed as a ZIP file,
ssh_server_nnn.zip, where nnn is the release version.
This zip file contains the C sources, MMS description files, command procedures
and other files necessary to build the executable images.
Installation
-
Since the SSH server performs system-level services, it must be run by
the SYSTEM account or other privileged account. The
installation checklist includes items such as changing your system
startup and global login procedures. Most aspects of the server's operation
are controlled by a parameter file that must
be customized to each installation.
Restrictions
- UCX 4.1 requires eco 7 or higher to fix bugs in non-blocking socket
support
- The sethost_ssh client program is provided to aid in server testing only.
- Ciphers supported: none, idea, des, 3des, RC4, and blowfish>
- The only authentication types supported are password and RSA
- X11 port forwarding is supported but has serious security considerations.
Any logged in VMS user may connect to the X11 server being proxied through
the SSH connection.
- General port forwarding is not supported
David Jones, Ohio State University