Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Dennis Ritchie is twice as bright as Steve Jobs, and only half wrong. -- Jim Gettys

computers / comp.os.vms / Re: ssh client connection issue to VMS

SubjectAuthor
* ssh client connection issue to VMSpcoviello@gmail.com
+* Re: ssh client connection issue to VMSGrant Taylor
|`* Re: ssh client connection issue to VMSpcoviello@gmail.com
| `* Re: ssh client connection issue to VMSGrant Taylor
|  `* Re: ssh client connection issue to VMSpcoviello@gmail.com
|   `- Re: ssh client connection issue to VMSGrant Taylor
`* Re: ssh client connection issue to VMSDave Froble
 `* Re: ssh client connection issue to VMSpcoviello@gmail.com
  `* Re: ssh client connection issue to VMSpcoviello@gmail.com
   `* Re: ssh client connection issue to VMSStephen Hoffman
    `* Re: ssh client connection issue to VMSCraig A. Berry
     `* Re: ssh client connection issue to VMSRobert A. Brooks
      `* Re: ssh client connection issue to VMSChris Townley
       `* Re: ssh client connection issue to VMS<kemain.nospam
        `* Re: ssh client connection issue to VMSpcoviello@gmail.com
         `* Re: ssh client connection issue to VMSStephen Hoffman
          `* Re: ssh client connection issue to VMSpcoviello@gmail.com
           +* Re: ssh client connection issue to VMSRichard Whalen
           |`- Re: ssh client connection issue to VMSpcoviello@gmail.com
           `* Re: ssh client connection issue to VMSStephen Hoffman
            `- Re: ssh client connection issue to VMSpcoviello@gmail.com

1
ssh client connection issue to VMS

<09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20257&group=comp.os.vms#20257

  copy link   Newsgroups: comp.os.vms
X-Received: by 2002:a05:6214:21ea:: with SMTP id p10mr20764766qvj.65.1643137404765; Tue, 25 Jan 2022 11:03:24 -0800 (PST)
X-Received: by 2002:a05:622a:587:: with SMTP id c7mr17622634qtb.354.1643137404574; Tue, 25 Jan 2022 11:03:24 -0800 (PST)
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!tr3.eu1.usenetexpress.com!feeder.usenetexpress.com!tr1.iad1.usenetexpress.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.os.vms
Date: Tue, 25 Jan 2022 11:03:24 -0800 (PST)
Injection-Info: google-groups.googlegroups.com; posting-host=64.140.214.66; posting-account=_vsSJQoAAADDchUVsjOeB2x6gmKsZV_u
NNTP-Posting-Host: 64.140.214.66
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
Subject: ssh client connection issue to VMS
From: pcovie...@gmail.com (pcoviello@gmail.com)
Injection-Date: Tue, 25 Jan 2022 19:03:24 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 51
 by: pcoviello@gmail.com - Tue, 25 Jan 2022 19:03 UTC

we are trying to get TN3270 to work with a small subset of ciphers and macs since we didn't do well in an audit.

the problem

TN3270 doesn't connect and I get a error code 7 cipher is unsupported.
Putty works fine, SSH from my pc works.
here is the VMS output in the log file pointing to the connection

debug(25-JAN-2022 13:31:02.07): Remote version: SSH-2.0-TN3270Plus_4.0.7
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1954: Using Client order for common key exchange algorithms.
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:2073: Constructing the first key exchange packet.
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3631: local kexinit: kex algs = diffie-hellman-group14-sha1,diffie-hellman-
group1-sha1
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3658: local kexinit: host key algs = ssh-dss
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3666: local kexinit: ciphers c to s = aes256-ctr,aes192-ctr,aes128-ctr,aes2
56-cbc
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3674: local kexinit: ciphers s to c = aes256-ctr,aes192-ctr,aes128-ctr,aes2
56-cbc
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3680: local kexinit: macs c to s = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1
-96
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3686: local kexinit: macs s to c = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1
-96
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3692: local kexinit: compressions c to s = none,zlib
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3698: local kexinit: compressions s to c = none,zlib
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3708: local kexinit: first_packet_follows = FALSE
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1261: Outgoing empty, sending empty ignore packet.
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1154: Sending packet with type 2 to connection
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1154: Sending packet with type 20 to connection
debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:2961: Getting a SSH_MSG_KEXINIT packet from connection.
debug(25-JAN-2022 13:31:04.70): Ssh2Transport/TRCOMMON.C:2961: Getting a SSH_MSG_KEXINIT packet from connection.
debug(25-JAN-2022 13:31:04.70): Ssh2Transport/TRCOMMON.C:2854: >TR packet_type=1
debug(25-JAN-2022 13:31:04.71): Ssh2Transport/TRCOMMON.C:2558: Processing received SSH_MSG_DISCONNECT
debug(25-JAN-2022 13:31:04.71): Ssh2Transport/TRCOMMON.C:1300: Disconnecting: reason code: 11 message: 'Unsupported cipher'
debug(25-JAN-2022 13:31:04.71): Ssh2Common/SSHCOMMON.C:180: DISCONNECT received: Unsupported cipher
Tue 25 13:31:04 INFORMATIONAL: Remote host disconnected: Unsupported cipher
debug(25-JAN-2022 13:31:04.71): Sshd2/SSHD2.C:760: locally_generated = FALSE
Tue 25 13:31:04 INFORMATIONAL: disconnected by application in remote: 'Unsupported cipher'
debug(25-JAN-2022 13:31:04.71): SshServer/SSHSERVER.C:317: Destroying server.
debug(25-JAN-2022 13:31:04.71): SshConfig/SSHCONFIG.C:2949: Freeing pki. (host_pki != NULL, user_pki != NULL)
debug(25-JAN-2022 13:31:04.71): SshCertCMi/CMI.C:454: Free certificate manager.

SDI has had no suggestions as to what to do,
I've also the ciphers to the latest that VSI has put out or at least at the time.
I'm running 8.4-1H1 VSI I64VMS TCPIP V5.7-13ECO5F

anyone have any other thoughts?
and yes I have created a new config file also and generated new keys.

thanks
Paul

Re: ssh client connection issue to VMS

<sspj21$hq4$1@tncsrv09.home.tnetconsulting.net>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20260&group=comp.os.vms#20260

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!tncsrv06.tnetconsulting.net!tncsrv09.home.tnetconsulting.net!.POSTED.alpha.home.tnetconsulting.net!not-for-mail
From: gtay...@tnetconsulting.net (Grant Taylor)
Newsgroups: comp.os.vms
Subject: Re: ssh client connection issue to VMS
Date: Tue, 25 Jan 2022 12:29:12 -0700
Organization: TNet Consulting
Message-ID: <sspj21$hq4$1@tncsrv09.home.tnetconsulting.net>
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 25 Jan 2022 19:29:05 -0000 (UTC)
Injection-Info: tncsrv09.home.tnetconsulting.net; posting-host="alpha.home.tnetconsulting.net:198.18.18.251";
logging-data="18244"; mail-complaints-to="newsmaster@tnetconsulting.net"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.13.0
In-Reply-To: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
Content-Language: en-US
 by: Grant Taylor - Tue, 25 Jan 2022 19:29 UTC

On 1/25/22 12:03 PM, pcoviello@gmail.com wrote:
> we are trying to get TN3270 to work with a small subset of ciphers
> and macs since we didn't do well in an audit.

I'm surprised that you're using TN3270 to connect to an OpenVMS system.
I think of EBCDIC when I think of TN3270. I think of ASCII when I think
of OpenVMS. I guess I'm wrong.

> the problem
>
> TN3270 doesn't connect and I get a error code 7 cipher is unsupported.

I wasn't even aware that tn3270 supported SSH.

I'm wondering if we're talking about the same tn3270.

> Putty works fine, SSH from my pc works.

This hints at cipher mismatches between old server and new client (or
vice versa).

See if the following page gives any clues.

Link - OpenSSH Legacy Options
- https://www.openssh.com/legacy.html

I've used information from that page to have contemporary SSH clients
connect to ancient SSH servers.

> here is the VMS output in the log file pointing to the connection
>
> debug(25-JAN-2022 13:31:02.07): Remote version:
> SSH-2.0-TN3270Plus_4.0.7
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1954: Using
> Client order for common key exchange algorithms.
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:2073:
> Constructing the first key exchange packet.
> debug(25-JAN-2022 13:31:02.07):
> Ssh2Transport/TRCOMMON.C:3631: local kexinit: kex algs =
> diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3658: local
> kexinit: host key algs = ssh-dss
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3666: local
> kexinit: ciphers c to s = aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3674: local
> kexinit: ciphers s to c = aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3680: local
> kexinit: macs c to s = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3686: local
> kexinit: macs s to c = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3692: local
> kexinit: compressions c to s = none,zlib
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3698: local
> kexinit: compressions s to c = none,zlib
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3708: local
> kexinit: first_packet_follows = FALSE
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1261:
> Outgoing empty, sending empty ignore packet.
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1154:
> Sending packet with type 2 to connection
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1154:
> Sending packet with type 20 to connection
> debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:2961:
> Getting a SSH_MSG_KEXINIT packet from connection.
> debug(25-JAN-2022 13:31:04.70): Ssh2Transport/TRCOMMON.C:2961:
> Getting a SSH_MSG_KEXINIT packet from connection.
> debug(25-JAN-2022 13:31:04.70): Ssh2Transport/TRCOMMON.C:2854:
> >TR packet_type=1
> debug(25-JAN-2022 13:31:04.71): Ssh2Transport/TRCOMMON.C:2558:
> Processing received SSH_MSG_DISCONNECT
> debug(25-JAN-2022 13:31:04.71): Ssh2Transport/TRCOMMON.C:1300:
> Disconnecting: reason code: 11 message: 'Unsupported cipher'
> debug(25-JAN-2022 13:31:04.71): Ssh2Common/SSHCOMMON.C:180: DISCONNECT
> received: Unsupported cipher
> Tue 25 13:31:04 INFORMATIONAL: Remote host disconnected: Unsupported
> cipher
> debug(25-JAN-2022 13:31:04.71): Sshd2/SSHD2.C:760: locally_generated
> = FALSE
> Tue 25 13:31:04 INFORMATIONAL: disconnected by application in remote:
> 'Unsupported cipher'
> debug(25-JAN-2022 13:31:04.71): SshServer/SSHSERVER.C:317: Destroying
> server.
> debug(25-JAN-2022 13:31:04.71): SshConfig/SSHCONFIG.C:2949: Freeing
> pki. (host_pki != NULL, user_pki != NULL)
> debug(25-JAN-2022 13:31:04.71): SshCertCMi/CMI.C:454: Free certificate
> manager.

This /seems/ like there is no overlap between the ciphers and / or key
exchange methods that between the client and server.

> SDI has had no suggestions as to what to do,

/If/ TN3270 is using OpenSSH under the hood, you can probably put
configuration entries in the client's OpenSSH config file to allow the
OpenSSH client to connect, thus possibly allowing TN3270 to connect. --
This is predicated on TN3270 actually using OpenSSH this way. I have
no idea what it's doing.

I've had to had various combinations of the following to my
~/.ssh/config file to have my contemporary OpenSSH client connect to
some ancient SSH servers.

Host <hostname / IP> <alias>
Ciphers +aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
HostKeyAlgorithms +ssh-dss
KexAlgorithms
+diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

> I've also the ciphers to the latest that VSI has put out or at least
> at the time.
> I'm running 8.4-1H1 VSI I64VMS TCPIP V5.7-13ECO5F
>
> anyone have any other thoughts?

I have no idea if the problem that you're running into is related to the
problem that I ran into or not. But they do seem to be related to me.

Hopefully my reply gets you further down the road.

> and yes I have created a new config file also and generated new keys.

If it's the issue that I'm suspecting it is, I don't think the keys will
make much difference.

--
Grant. . . .
unix || die

Re: ssh client connection issue to VMS

<f9231340-ae04-4b3a-9788-f4e22a37335en@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20261&group=comp.os.vms#20261

  copy link   Newsgroups: comp.os.vms
X-Received: by 2002:ac8:7dc5:: with SMTP id c5mr18238756qte.173.1643139911833;
Tue, 25 Jan 2022 11:45:11 -0800 (PST)
X-Received: by 2002:ad4:5d6d:: with SMTP id fn13mr10677902qvb.61.1643139911585;
Tue, 25 Jan 2022 11:45:11 -0800 (PST)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.os.vms
Date: Tue, 25 Jan 2022 11:45:11 -0800 (PST)
In-Reply-To: <sspj21$hq4$1@tncsrv09.home.tnetconsulting.net>
Injection-Info: google-groups.googlegroups.com; posting-host=64.140.214.66; posting-account=_vsSJQoAAADDchUVsjOeB2x6gmKsZV_u
NNTP-Posting-Host: 64.140.214.66
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com> <sspj21$hq4$1@tncsrv09.home.tnetconsulting.net>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <f9231340-ae04-4b3a-9788-f4e22a37335en@googlegroups.com>
Subject: Re: ssh client connection issue to VMS
From: pcovie...@gmail.com (pcoviello@gmail.com)
Injection-Date: Tue, 25 Jan 2022 19:45:11 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 122
 by: pcoviello@gmail.com - Tue, 25 Jan 2022 19:45 UTC

On Tuesday, January 25, 2022 at 2:29:08 PM UTC-5, Grant Taylor wrote:
> On 1/25/22 12:03 PM, pcov...@gmail.com wrote:
> > we are trying to get TN3270 to work with a small subset of ciphers
> > and macs since we didn't do well in an audit.
> I'm surprised that you're using TN3270 to connect to an OpenVMS system.
> I think of EBCDIC when I think of TN3270. I think of ASCII when I think
> of OpenVMS. I guess I'm wrong.
> > the problem
> >
> > TN3270 doesn't connect and I get a error code 7 cipher is unsupported.
> I wasn't even aware that tn3270 supported SSH.
>
> I'm wondering if we're talking about the same tn3270.
> > Putty works fine, SSH from my pc works.
> This hints at cipher mismatches between old server and new client (or
> vice versa).
>
> See if the following page gives any clues.
>
> Link - OpenSSH Legacy Options
> - https://www.openssh.com/legacy.html
>
> I've used information from that page to have contemporary SSH clients
> connect to ancient SSH servers.
> > here is the VMS output in the log file pointing to the connection
> >
> > debug(25-JAN-2022 13:31:02.07): Remote version:
> > SSH-2.0-TN3270Plus_4.0.7
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1954: Using
> > Client order for common key exchange algorithms.
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:2073:
> > Constructing the first key exchange packet.
> > debug(25-JAN-2022 13:31:02.07):
> > Ssh2Transport/TRCOMMON.C:3631: local kexinit: kex algs =
> > diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3658: local
> > kexinit: host key algs = ssh-dss
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3666: local
> > kexinit: ciphers c to s = aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3674: local
> > kexinit: ciphers s to c = aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3680: local
> > kexinit: macs c to s = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3686: local
> > kexinit: macs s to c = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3692: local
> > kexinit: compressions c to s = none,zlib
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3698: local
> > kexinit: compressions s to c = none,zlib
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:3708: local
> > kexinit: first_packet_follows = FALSE
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1261:
> > Outgoing empty, sending empty ignore packet.
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1154:
> > Sending packet with type 2 to connection
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:1154:
> > Sending packet with type 20 to connection
> > debug(25-JAN-2022 13:31:02.07): Ssh2Transport/TRCOMMON.C:2961:
> > Getting a SSH_MSG_KEXINIT packet from connection.
> > debug(25-JAN-2022 13:31:04.70): Ssh2Transport/TRCOMMON.C:2961:
> > Getting a SSH_MSG_KEXINIT packet from connection.
> > debug(25-JAN-2022 13:31:04.70): Ssh2Transport/TRCOMMON.C:2854:
> > >TR packet_type=1
> > debug(25-JAN-2022 13:31:04.71): Ssh2Transport/TRCOMMON.C:2558:
> > Processing received SSH_MSG_DISCONNECT
> > debug(25-JAN-2022 13:31:04.71): Ssh2Transport/TRCOMMON.C:1300:
> > Disconnecting: reason code: 11 message: 'Unsupported cipher'
> > debug(25-JAN-2022 13:31:04.71): Ssh2Common/SSHCOMMON.C:180: DISCONNECT
> > received: Unsupported cipher
> > Tue 25 13:31:04 INFORMATIONAL: Remote host disconnected: Unsupported
> > cipher
> > debug(25-JAN-2022 13:31:04.71): Sshd2/SSHD2.C:760: locally_generated
> > = FALSE
> > Tue 25 13:31:04 INFORMATIONAL: disconnected by application in remote:
> > 'Unsupported cipher'
> > debug(25-JAN-2022 13:31:04.71): SshServer/SSHSERVER.C:317: Destroying
> > server.
> > debug(25-JAN-2022 13:31:04.71): SshConfig/SSHCONFIG.C:2949: Freeing
> > pki. (host_pki != NULL, user_pki != NULL)
> > debug(25-JAN-2022 13:31:04.71): SshCertCMi/CMI.C:454: Free certificate
> > manager.
> This /seems/ like there is no overlap between the ciphers and / or key
> exchange methods that between the client and server.
> > SDI has had no suggestions as to what to do,
> /If/ TN3270 is using OpenSSH under the hood, you can probably put
> configuration entries in the client's OpenSSH config file to allow the
> OpenSSH client to connect, thus possibly allowing TN3270 to connect. --
> This is predicated on TN3270 actually using OpenSSH this way. I have
> no idea what it's doing.
>
> I've had to had various combinations of the following to my
> ~/.ssh/config file to have my contemporary OpenSSH client connect to
> some ancient SSH servers.
>
> Host <hostname / IP> <alias>
> Ciphers +aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
> HostKeyAlgorithms +ssh-dss
> KexAlgorithms
> +diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> > I've also the ciphers to the latest that VSI has put out or at least
> > at the time.
> > I'm running 8.4-1H1 VSI I64VMS TCPIP V5.7-13ECO5F
> >
> > anyone have any other thoughts?
> I have no idea if the problem that you're running into is related to the
> problem that I ran into or not. But they do seem to be related to me.
>
> Hopefully my reply gets you further down the road.
> > and yes I have created a new config file also and generated new keys.
> If it's the issue that I'm suspecting it is, I don't think the keys will
> make much difference.
>
>
>
> --
> Grant. . . .
> unix || die

thanks Grant, I'm not able to add the individual clients to the config, we have about 500 users connecting to our server. it would be a logistical nightmare!!!

I'll check with SDI on their use and see if there is a way to add it.
thanks

Re: ssh client connection issue to VMS

<sspksl$vrl$1@tncsrv09.home.tnetconsulting.net>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20262&group=comp.os.vms#20262

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!tncsrv06.tnetconsulting.net!tncsrv09.home.tnetconsulting.net!.POSTED.alpha.home.tnetconsulting.net!not-for-mail
From: gtay...@tnetconsulting.net (Grant Taylor)
Newsgroups: comp.os.vms
Subject: Re: ssh client connection issue to VMS
Date: Tue, 25 Jan 2022 13:00:28 -0700
Organization: TNet Consulting
Message-ID: <sspksl$vrl$1@tncsrv09.home.tnetconsulting.net>
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspj21$hq4$1@tncsrv09.home.tnetconsulting.net>
<f9231340-ae04-4b3a-9788-f4e22a37335en@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 25 Jan 2022 20:00:21 -0000 (UTC)
Injection-Info: tncsrv09.home.tnetconsulting.net; posting-host="alpha.home.tnetconsulting.net:198.18.18.251";
logging-data="32629"; mail-complaints-to="newsmaster@tnetconsulting.net"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.13.0
In-Reply-To: <f9231340-ae04-4b3a-9788-f4e22a37335en@googlegroups.com>
Content-Language: en-US
 by: Grant Taylor - Tue, 25 Jan 2022 20:00 UTC

On 1/25/22 12:45 PM, pcoviello@gmail.com wrote:
> thanks Grant,

You're welcome.

> I'm not able to add the individual clients to the config, we have
> about 500 users connecting to our server. it would be a logistical
> nightmare!!!

I understand and appreciate the (lack of) scalability problem.

I might suggest that you try it on one or two clients to see if you can
narrow down or hopefully identify if that is in fact the problem.

> I'll check with SDI on their use and see if there is a way to add it.
> thanks

Having some information from a test or two might make the conversation
more productive.

Good luck!

--
Grant. . . .
unix || die

Re: ssh client connection issue to VMS

<a08ef342-7780-4666-b862-c3213aa7bb79n@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20263&group=comp.os.vms#20263

  copy link   Newsgroups: comp.os.vms
X-Received: by 2002:a05:622a:1044:: with SMTP id f4mr12633257qte.635.1643143023633;
Tue, 25 Jan 2022 12:37:03 -0800 (PST)
X-Received: by 2002:a05:622a:1350:: with SMTP id w16mr18146804qtk.298.1643143023422;
Tue, 25 Jan 2022 12:37:03 -0800 (PST)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.os.vms
Date: Tue, 25 Jan 2022 12:37:03 -0800 (PST)
In-Reply-To: <sspksl$vrl$1@tncsrv09.home.tnetconsulting.net>
Injection-Info: google-groups.googlegroups.com; posting-host=64.140.214.66; posting-account=_vsSJQoAAADDchUVsjOeB2x6gmKsZV_u
NNTP-Posting-Host: 64.140.214.66
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspj21$hq4$1@tncsrv09.home.tnetconsulting.net> <f9231340-ae04-4b3a-9788-f4e22a37335en@googlegroups.com>
<sspksl$vrl$1@tncsrv09.home.tnetconsulting.net>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <a08ef342-7780-4666-b862-c3213aa7bb79n@googlegroups.com>
Subject: Re: ssh client connection issue to VMS
From: pcovie...@gmail.com (pcoviello@gmail.com)
Injection-Date: Tue, 25 Jan 2022 20:37:03 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 58
 by: pcoviello@gmail.com - Tue, 25 Jan 2022 20:37 UTC

On Tuesday, January 25, 2022 at 3:00:23 PM UTC-5, Grant Taylor wrote:
> On 1/25/22 12:45 PM, pcov...@gmail.com wrote:
> > thanks Grant,
>
> You're welcome.
> > I'm not able to add the individual clients to the config, we have
> > about 500 users connecting to our server. it would be a logistical
> > nightmare!!!
> I understand and appreciate the (lack of) scalability problem.
>
> I might suggest that you try it on one or two clients to see if you can
> narrow down or hopefully identify if that is in fact the problem.
> > I'll check with SDI on their use and see if there is a way to add it.
> > thanks
> Having some information from a test or two might make the conversation
> more productive.
>
> Good luck!
> --
> Grant. . . .
> unix || die

well I added this into the config file

Host PO10IT002 / IP> 10.128.52.10
Ciphers +aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
HostKeyAlgorithms +ssh-dss
KexAlgorithms
+diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

and what resides in the log file.

debug(25-JAN-2022 15:39:18.65): Remote version: SSH-2.0-TN3270Plus_4.0.7
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:1954: Using Client order for common key exchange algorithms.
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:2073: Constructing the first key exchange packet.
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:3631: local kexinit: kex algs = diffie-hellman-group14-sha1,diffie-hellman-
group1-sha1
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:3658: local kexinit: host key algs = ssh-dss
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:3666: local kexinit: ciphers c to s = aes256-ctr,aes192-ctr,aes128-ctr,aes2
56-cbc
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:3674: local kexinit: ciphers s to c = aes256-ctr,aes192-ctr,aes128-ctr,aes2
56-cbc
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:3680: local kexinit: macs c to s = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1
-96
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:3686: local kexinit: macs s to c = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1
-96
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:3692: local kexinit: compressions c to s = none,zlib
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:3698: local kexinit: compressions s to c = none,zlib
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:3708: local kexinit: first_packet_follows = FALSE
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:1261: Outgoing empty, sending empty ignore packet.
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:1154: Sending packet with type 2 to connection
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:1154: Sending packet with type 20 to connection
debug(25-JAN-2022 15:39:18.65): Ssh2Transport/TRCOMMON.C:2961: Getting a SSH_MSG_KEXINIT packet from connection.
Tue 25 15:39:48 WARNING: LoginGraceTime exceeded.
debug(25-JAN-2022 15:39:48.59): SshServer/SSHSERVER.C:317: Destroying server.

I don't think that TN3270 uses or sees it? at least if I'm reading this right...

Re: ssh client connection issue to VMS

<sspnmd$cqv$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20264&group=comp.os.vms#20264

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: dav...@tsoft-inc.com (Dave Froble)
Newsgroups: comp.os.vms
Subject: Re: ssh client connection issue to VMS
Date: Tue, 25 Jan 2022 15:48:14 -0500
Organization: A noiseless patient Spider
Lines: 17
Message-ID: <sspnmd$cqv$1@dont-email.me>
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 25 Jan 2022 20:48:13 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="668dccba4bb456b64b67b6b4a516cfe2";
logging-data="13151"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19S8KMj3S//lUfGxBoWFyriXDeuq/zqvxI="
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:45.0) Gecko/20100101
Thunderbird/45.8.0
Cancel-Lock: sha1:pdcjQSniluZhmMqCQtjZLpplFkE=
In-Reply-To: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
 by: Dave Froble - Tue, 25 Jan 2022 20:48 UTC

On 1/25/2022 2:03 PM, pcoviello@gmail.com wrote:
> I've also the ciphers to the latest that VSI has put out or at least at the time.
> I'm running 8.4-1H1 VSI I64VMS TCPIP V5.7-13ECO5F
>
> anyone have any other thoughts?
> and yes I have created a new config file also and generated new keys.

I think TCPIP V5.7-13ECO5O is the latest version, and there is also a patch
from VSI to add newer cyphers.

--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: davef@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486

Re: ssh client connection issue to VMS

<4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20266&group=comp.os.vms#20266

  copy link   Newsgroups: comp.os.vms
X-Received: by 2002:a05:620a:148f:: with SMTP id w15mr16185573qkj.680.1643144070453;
Tue, 25 Jan 2022 12:54:30 -0800 (PST)
X-Received: by 2002:ad4:5fc8:: with SMTP id jq8mr1444862qvb.33.1643144070293;
Tue, 25 Jan 2022 12:54:30 -0800 (PST)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!nntp.club.cc.cmu.edu!5.161.45.24.MISMATCH!2.us.feeder.erje.net!feeder.erje.net!border1.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.os.vms
Date: Tue, 25 Jan 2022 12:54:29 -0800 (PST)
In-Reply-To: <sspnmd$cqv$1@dont-email.me>
Injection-Info: google-groups.googlegroups.com; posting-host=64.140.214.66; posting-account=_vsSJQoAAADDchUVsjOeB2x6gmKsZV_u
NNTP-Posting-Host: 64.140.214.66
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com> <sspnmd$cqv$1@dont-email.me>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
Subject: Re: ssh client connection issue to VMS
From: pcovie...@gmail.com (pcoviello@gmail.com)
Injection-Date: Tue, 25 Jan 2022 20:54:30 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 19
 by: pcoviello@gmail.com - Tue, 25 Jan 2022 20:54 UTC

On Tuesday, January 25, 2022 at 3:48:15 PM UTC-5, Dave Froble wrote:
> On 1/25/2022 2:03 PM, pcov...@gmail.com wrote:
> > I've also the ciphers to the latest that VSI has put out or at least at the time.
> > I'm running 8.4-1H1 VSI I64VMS TCPIP V5.7-13ECO5F
> >
> > anyone have any other thoughts?
> > and yes I have created a new config file also and generated new keys.
> I think TCPIP V5.7-13ECO5O is the latest version, and there is also a patch
> from VSI to add newer cyphers.
>
>
> --
> David Froble Tel: 724-529-0450
> Dave Froble Enterprises, Inc. E-Mail: da...@tsoft-inc.com
> DFE Ultralights, Inc.
> 170 Grimplin Road
> Vanderbilt, PA 15486
yes I've added the new ciphers.

I'll look at the new IP patch, thanks

Re: ssh client connection issue to VMS

<320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20267&group=comp.os.vms#20267

  copy link   Newsgroups: comp.os.vms
X-Received: by 2002:ad4:5be5:: with SMTP id k5mr1720399qvc.130.1643146070803;
Tue, 25 Jan 2022 13:27:50 -0800 (PST)
X-Received: by 2002:a05:620a:24c5:: with SMTP id m5mr16452573qkn.54.1643146070589;
Tue, 25 Jan 2022 13:27:50 -0800 (PST)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.os.vms
Date: Tue, 25 Jan 2022 13:27:50 -0800 (PST)
In-Reply-To: <4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
Injection-Info: google-groups.googlegroups.com; posting-host=64.140.214.66; posting-account=_vsSJQoAAADDchUVsjOeB2x6gmKsZV_u
NNTP-Posting-Host: 64.140.214.66
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspnmd$cqv$1@dont-email.me> <4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com>
Subject: Re: ssh client connection issue to VMS
From: pcovie...@gmail.com (pcoviello@gmail.com)
Injection-Date: Tue, 25 Jan 2022 21:27:50 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 35
 by: pcoviello@gmail.com - Tue, 25 Jan 2022 21:27 UTC

On Tuesday, January 25, 2022 at 3:54:31 PM UTC-5, pcoviello@gmail.com wrote:
> On Tuesday, January 25, 2022 at 3:48:15 PM UTC-5, Dave Froble wrote:
> > On 1/25/2022 2:03 PM, pcov...@gmail.com wrote:
> > > I've also the ciphers to the latest that VSI has put out or at least at the time.
> > > I'm running 8.4-1H1 VSI I64VMS TCPIP V5.7-13ECO5F
> > >
> > > anyone have any other thoughts?
> > > and yes I have created a new config file also and generated new keys.
> > I think TCPIP V5.7-13ECO5O is the latest version, and there is also a patch
> > from VSI to add newer cyphers.
> >
> >
> > --
> > David Froble Tel: 724-529-0450
> > Dave Froble Enterprises, Inc. E-Mail: da...@tsoft-inc.com
> > DFE Ultralights, Inc.
> > 170 Grimplin Road
> > Vanderbilt, PA 15486
> yes I've added the new ciphers.
>
> I'll look at the new IP patch, thanks

interesting that it has nothing newer than 2017... I'll have to make a call.

This patch kit supersedes the following previously released VSI kits:

VSI I64VMS TCPIP_NFS_PAT V5.7-ECO5C
VSI I64VMS TCPIP_SSH_PAT V5.7-ECO5D

This patch kit contains a roll up of many ECO corrections that were
previously provided to selected customers in backup saveset format.
Below is a list of the backup saveset fixes released by HPE that are
included in this kit.

Kits from 2017-2014

Re: ssh client connection issue to VMS

<ssptbk$5kl$1@tncsrv09.home.tnetconsulting.net>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20269&group=comp.os.vms#20269

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!tncsrv06.tnetconsulting.net!tncsrv09.home.tnetconsulting.net!.POSTED.alpha.home.tnetconsulting.net!not-for-mail
From: gtay...@tnetconsulting.net (Grant Taylor)
Newsgroups: comp.os.vms
Subject: Re: ssh client connection issue to VMS
Date: Tue, 25 Jan 2022 15:24:59 -0700
Organization: TNet Consulting
Message-ID: <ssptbk$5kl$1@tncsrv09.home.tnetconsulting.net>
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspj21$hq4$1@tncsrv09.home.tnetconsulting.net>
<f9231340-ae04-4b3a-9788-f4e22a37335en@googlegroups.com>
<sspksl$vrl$1@tncsrv09.home.tnetconsulting.net>
<a08ef342-7780-4666-b862-c3213aa7bb79n@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 25 Jan 2022 22:24:52 -0000 (UTC)
Injection-Info: tncsrv09.home.tnetconsulting.net; posting-host="alpha.home.tnetconsulting.net:198.18.18.251";
logging-data="5781"; mail-complaints-to="newsmaster@tnetconsulting.net"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.13.0
In-Reply-To: <a08ef342-7780-4666-b862-c3213aa7bb79n@googlegroups.com>
Content-Language: en-US
 by: Grant Taylor - Tue, 25 Jan 2022 22:24 UTC

On 1/25/22 1:37 PM, pcoviello@gmail.com wrote:
> well I added this into the config file
>
> Host PO10IT002 / IP> 10.128.52.10

Hum.

I don't know if it's a message / Usenet / other formatting issue or if
you have the forward slash and / or greater than symbol on the line. I
would expect neither of those characters to be there in a standard SSH
client configuration file.

> I don't think that TN3270 uses or sees it? at least if I'm reading
> this right...

Try having the standard ssh client connect to the name or IP address.
Add the "-v" command line option to see if the config entries are being
applied or not.

I see something like:

debug1: /path/to/client/config/file line ##: Applying options for
$ServerName

If you see that, then you know that the config is being applied.

--
Grant. . . .
unix || die

Re: ssh client connection issue to VMS

<ssptff$o7r$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20270&group=comp.os.vms#20270

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: seaoh...@hoffmanlabs.invalid (Stephen Hoffman)
Newsgroups: comp.os.vms
Subject: Re: ssh client connection issue to VMS
Date: Tue, 25 Jan 2022 17:26:55 -0500
Organization: HoffmanLabs LLC
Lines: 25
Message-ID: <ssptff$o7r$1@dont-email.me>
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com> <sspnmd$cqv$1@dont-email.me> <4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com> <320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="685dcc632a245515f43fde9d88c1f494";
logging-data="24827"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/kki6JbOvwnnJ3FXIDescTWn8oOwTl6r0="
User-Agent: Unison/2.2
Cancel-Lock: sha1:xzH6idYI1YvkZcx9ZFiiwSEHix4=
 by: Stephen Hoffman - Tue, 25 Jan 2022 22:26 UTC

On 2022-01-25 21:27:50 +0000, pcoviello@gmail.com said:

> interesting that it has nothing newer than 2017... I'll have to make a call.
>
> This patch kit supersedes the following previously released VSI kits:
>
> VSI I64VMS TCPIP_NFS_PAT V5.7-ECO5C
> VSI I64VMS TCPIP_SSH_PAT V5.7-ECO5D

ECO5o was current last I checked, and that check was long enough ago
that ECO5o has quite possibly been superseded.

You have to ask VSI for some patches, and this was one.

ECO5o added less-old ssh support, and fixed ssh connection issues I'd
encountered.

The wholesale-replacement OpenSSH kit was also in test, and that should
greatly improve compatibility with current ssh implementations.

--
Pure Personal Opinion | HoffmanLabs LLC

Re: ssh client connection issue to VMS

<ssq20i$mb6$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20271&group=comp.os.vms#20271

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: craigbe...@nospam.mac.com (Craig A. Berry)
Newsgroups: comp.os.vms
Subject: Re: ssh client connection issue to VMS
Date: Tue, 25 Jan 2022 17:44:17 -0600
Organization: A noiseless patient Spider
Lines: 13
Message-ID: <ssq20i$mb6$1@dont-email.me>
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspnmd$cqv$1@dont-email.me>
<4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
<320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com>
<ssptff$o7r$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 25 Jan 2022 23:44:19 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="990a8553303b6e79d9aaa1eb8aee4339";
logging-data="22886"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18O9M6bd7gaprYn7yfChk0wnWpv/qQvwPk="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0)
Gecko/20100101 Thunderbird/91.5.0
Cancel-Lock: sha1:DMe16tCQssFcmB3TQ34Hdm0U0Mo=
In-Reply-To: <ssptff$o7r$1@dont-email.me>
Content-Language: en-US
 by: Craig A. Berry - Tue, 25 Jan 2022 23:44 UTC

On 1/25/22 4:26 PM, Stephen Hoffman wrote:

> The wholesale-replacement OpenSSH kit was also in test, and that should
> greatly improve compatibility with current ssh implementations.

According to the roadmap, this was to be in beta for Alpha and Itanium
in Q4 of last year, but I can't find any relevant kits on the service
platform portal and don't remember any announcements. There is a kit
available for X86VMS, and the OP could consider spinning up one of those
and checking whether it solves the problem. That could be a nice
factoid to have in hand when chatting with VSI support and/or sales.

Re: ssh client connection issue to VMS

<ssq2f9$nqe$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20272&group=comp.os.vms#20272

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: FIRST.L...@vmssoftware.com (Robert A. Brooks)
Newsgroups: comp.os.vms
Subject: Re: ssh client connection issue to VMS
Date: Tue, 25 Jan 2022 18:52:09 -0500
Organization: A noiseless patient Spider
Lines: 16
Message-ID: <ssq2f9$nqe$1@dont-email.me>
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspnmd$cqv$1@dont-email.me>
<4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
<320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com>
<ssptff$o7r$1@dont-email.me> <ssq20i$mb6$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 25 Jan 2022 23:52:09 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="f4e2817e25d216cbe5afba778014be73";
logging-data="24398"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19KScHEKDGZ1TubJaJVaJhFWz6akL+GDK+CBCoLn4iu4A=="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.5.0
Cancel-Lock: sha1:jYLTEEOCbIlEOSm80JXoEKKMH34=
In-Reply-To: <ssq20i$mb6$1@dont-email.me>
X-Antivirus-Status: Clean
Content-Language: en-US
X-Antivirus: Avast (VPS 220125-8, 1/25/2022), Outbound message
 by: Robert A. Brooks - Tue, 25 Jan 2022 23:52 UTC

On 1/25/2022 6:44 PM, Craig A. Berry wrote:
>
> On 1/25/22 4:26 PM, Stephen Hoffman wrote:
>
>> The wholesale-replacement OpenSSH kit was also in test, and that should
>> greatly improve compatibility with current ssh implementations.
>
> According to the roadmap, this was to be in beta for Alpha and Itanium
> in Q4 of last year, but I can't find any relevant kits on the service
> platform portal and don't remember any announcements.

From what I understand, the OpenSSH kit will be ready for testing
"soon".

--
-- Rob

Re: ssh client connection issue to VMS

<ssq3o4$vqd$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20273&group=comp.os.vms#20273

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: new...@cct-net.co.uk (Chris Townley)
Newsgroups: comp.os.vms
Subject: Re: ssh client connection issue to VMS
Date: Wed, 26 Jan 2022 00:13:55 +0000
Organization: A noiseless patient Spider
Lines: 21
Message-ID: <ssq3o4$vqd$1@dont-email.me>
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspnmd$cqv$1@dont-email.me>
<4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
<320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com>
<ssptff$o7r$1@dont-email.me> <ssq20i$mb6$1@dont-email.me>
<ssq2f9$nqe$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 26 Jan 2022 00:13:56 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="393958008aa2f834fc5c4d42661199b4";
logging-data="32589"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/Ah8SPN/VhjPFGQ8RtUqgEPrGtS0nf4Rg="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.5.0
Cancel-Lock: sha1:ydBGqWtX8KIaxDSiohLTN0dEIio=
In-Reply-To: <ssq2f9$nqe$1@dont-email.me>
Content-Language: en-GB
 by: Chris Townley - Wed, 26 Jan 2022 00:13 UTC

On 25/01/2022 23:52, Robert A. Brooks wrote:
> On 1/25/2022 6:44 PM, Craig A. Berry wrote:
>>
>> On 1/25/22 4:26 PM, Stephen Hoffman wrote:
>>
>>> The wholesale-replacement OpenSSH kit was also in test, and that
>>> should greatly improve compatibility with current ssh implementations.
>>
>> According to the roadmap, this was to be in beta for Alpha and Itanium
>> in Q4 of last year, but I can't find any relevant kits on the service
>> platform portal and don't remember any announcements.
>
> From what I understand, the OpenSSH kit will be ready for testing
> "soon".
>

You could always look at Process Software - their TCPWare package has up
to date ciphers. They also have an SSH package

--
Chris

Re: ssh client connection issue to VMS

<mailman.0.1643158242.32491.info-vax_rbnsn.com@rbnsn.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20277&group=comp.os.vms#20277

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!kishost2.serverpowered.net!not-for-mail
From:
Newsgroups: comp.os.vms
Subject: Re: ssh client connection issue to VMS
Date: Tue, 25 Jan 2022 20:49:56 -0400
Lines: 54
Message-ID: <mailman.0.1643158242.32491.info-vax_rbnsn.com@rbnsn.com>
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspnmd$cqv$1@dont-email.me>
<4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
<320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com>
<ssptff$o7r$1@dont-email.me> <ssq20i$mb6$1@dont-email.me>
<ssq2f9$nqe$1@dont-email.me> <ssq3o4$vqd$1@dont-email.me>
<000d01d8124e$a3e87820$ebb96860$@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Injection-Info: solani.org;
logging-data="208266"; mail-complaints-to="abuse@news.solani.org"
To: "'comp.os.vms to email gateway'" <info-vax@rbnsn.com>
Cancel-Lock: sha1:3yw+6tk3By/F79EoxQZOqYHj7Zg=
List-Post: <mailto:info-vax@rbnsn.com>
List-Id: "comp.os.vms to email gateway" <info-vax.rbnsn.com>
List-Subscribe: <http://rbnsn.com/mailman/listinfo/info-vax_rbnsn.com>,
<mailto:info-vax-request@rbnsn.com?subject=subscribe>
X-Spam-Status: No, score=2.8
X-Ham-Report: Spam detection software,
running on the system "kishost2.serverpowered.net",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details. Content preview: >
Content analysis details: (2.8 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
3.0 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.5000]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider [kemain.nospam[at]gmail.com]
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
valid
X-Spam-Score: 28
List-Help: <mailto:info-vax-request@rbnsn.com?subject=help>
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=x-gm-message-state:from:to:references:in-reply-to:subject:date
:message-id:mime-version:content-transfer-encoding:content-language
:thread-index;
bh=59zlIoo/qkJr5UaHD5b6LgVnwJniDAPVF5jo0C+KscU=;
b=GvtoxYdezyHS1z+oJLBTFgHJDJ6V5wVR/vK4P2s+wM/FAt1jdD6k2hCaDkdXpK4jJn
K4P/WqxeQYDN/2xs498+1IpwtqFGdXTY771nb6CsQyjpSjyX43dE/CxoGUdz8MMwVEwf
3CvQQ/NR73HWPjhN8RUO7fK1FuOUl6EHBV2Rvgp81jnHe2wDRj5kBNSfoolpM1OZNmA2
ZHMBlKC2T9mJ+B5HHfU1sZix0HLtK4D6F0d1xAWiKK7eBm20ChqrW79Yo3A++qEwbq4T
X/25rXZaZQ97oyAUdrRgTe8n0JYHvVYf8Sq7pL2XRzRS6LGsUvu/jqKU13f6L9CVjWis
+NRg==
List-Unsubscribe: <http://rbnsn.com/mailman/options/info-vax_rbnsn.com>,
<mailto:info-vax-request@rbnsn.com?subject=unsubscribe>
In-Reply-To: <ssq3o4$vqd$1@dont-email.me>
Precedence: list
X-Gm-Message-State: AOAM532+suJAAo4xpLhB3GTOltaoHl+IspBXTPgizM2+TsodjMdQ9xCG
NvSQPznJ8XR5U1p3lkJKyQBsYd9Ez1o=
X-Google-Smtp-Source: ABdhPJyWtf6MexkUJQ7H/oc8WReyNb38Ka5QsgKUKgjOtPRRXWtygWWnLdLIOME5x4VqeY7w57KsZA==
X-Spam-Bar: ++
X-Antivirus-Status: Clean
X-Mailman-Original-References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspnmd$cqv$1@dont-email.me>
<4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
<320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com>
<ssptff$o7r$1@dont-email.me> <ssq20i$mb6$1@dont-email.me>
<ssq2f9$nqe$1@dont-email.me> <ssq3o4$vqd$1@dont-email.me>
X-Mailman-Version: 2.1.37
X-Antivirus: AVG (VPS 220125-8, 1/25/2022), Outbound message
List-Archive: <http://rbnsn.com/pipermail/info-vax_rbnsn.com/>
X-Received: by 2002:a05:622a:606:: with SMTP id
z6mr3369172qta.623.1643158197778;
Tue, 25 Jan 2022 16:49:57 -0800 (PST)
Content-Language: en-ca
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
h=from:to:references:in-reply-to:subject:date:message-id:mime-version
:content-transfer-encoding:content-language:thread-index;
bh=59zlIoo/qkJr5UaHD5b6LgVnwJniDAPVF5jo0C+KscU=;
b=XnjQG/YC+6s+NFOnuCG5Y0ECqnObaKBGCvPA926D8xcFSlrGN6rq1lrOzfyirMyxjT
xrh4IAqfrpv+nEDXHM08ehhp7z0Ie+MfQ0pMrnWsglri+WtsVJGfxDs6TLyge9dGc2aU
/8RUXAZ3qCXjLT+/apFaGBfCGq4HHc9rw/Qno8waa4U3DuB7lTdG0TkJczFlKk2ggtkN
NvyRQIcU+cu1hZVrsApqXiEf33SzyHdEzGkdtBxri4pjGhWRWX3CCsEjZb3n03tqzHvZ
KoAI2O2B6JIlM/D075AHl2GljzzwU52xL8Co0PQHtxydguSfidZ6wjCvMyo58i6x1zcl
ALcA==
Thread-Index: AQITfJl9h+HTvG+zB/1tN0TLoR5ZuAKC65FMAh6P3kICZ0blPAKYsyOtAhCY+YoBqcA3tQKSm5dbq34vYgA=
X-Mailman-Original-Message-ID: <000d01d8124e$a3e87820$ebb96860$@gmail.com>
X-Spam-Flag: NO
X-User-ID: eJwVxMkRwDAIBLCWwnKFcjBh+y/BEz3kGhKTFh7mdI68h6DuyV7nIr60LH3WJpqC7PkHQFTWBS/+ETo=
X-Mailer: Microsoft Outlook 16.0
X-BeenThere: info-vax@rbnsn.com
 by: - Wed, 26 Jan 2022 00:49 UTC

>-----Original Message-----
>From: Info-vax <info-vax-bounces@rbnsn.com> On Behalf Of Chris Townley
>via Info-vax
>Sent: January-25-22 8:14 PM
>To: info-vax@rbnsn.com
>Cc: Chris Townley <news@cct-net.co.uk>
>Subject: Re: [Info-vax] ssh client connection issue to VMS
>
>On 25/01/2022 23:52, Robert A. Brooks wrote:
>> On 1/25/2022 6:44 PM, Craig A. Berry wrote:
>>>
>>> On 1/25/22 4:26 PM, Stephen Hoffman wrote:
>>>
>>>> The wholesale-replacement OpenSSH kit was also in test, and that
>>>> should greatly improve compatibility with current ssh implementations.
>>>
>>> According to the roadmap, this was to be in beta for Alpha and
>>> Itanium in Q4 of last year, but I can't find any relevant kits on the
>>> service platform portal and don't remember any announcements.
>>
>> From what I understand, the OpenSSH kit will be ready for testing
>> "soon".
>>
>
>You could always look at Process Software - their TCPWare package has up to
>date ciphers. They also have an SSH package
>
>--
>Chris

As Chris correctly stated, Process Software does have a very current SSH kit
that can also be used with the standard TCPIP Services stack.

<https://www.process.com/products/ssh/>

< https://www.process.com/products/ssh/ssh_datasheet.pdf>

Regards,

Kerry Main
Kerry dot main at starkgaming dot com

--
This email has been checked for viruses by AVG.
https://www.avg.com

Re: ssh client connection issue to VMS

<e128b8a6-c632-45c5-a52a-85fd2bb175ean@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20291&group=comp.os.vms#20291

  copy link   Newsgroups: comp.os.vms
X-Received: by 2002:ac8:4e1b:: with SMTP id c27mr8076462qtw.575.1643220069414;
Wed, 26 Jan 2022 10:01:09 -0800 (PST)
X-Received: by 2002:a05:622a:512:: with SMTP id l18mr21098384qtx.120.1643220069172;
Wed, 26 Jan 2022 10:01:09 -0800 (PST)
Path: i2pn2.org!rocksolid2!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.os.vms
Date: Wed, 26 Jan 2022 10:01:08 -0800 (PST)
In-Reply-To: <mailman.0.1643158242.32491.info-vax_rbnsn.com@rbnsn.com>
Injection-Info: google-groups.googlegroups.com; posting-host=64.140.214.66; posting-account=_vsSJQoAAADDchUVsjOeB2x6gmKsZV_u
NNTP-Posting-Host: 64.140.214.66
References: <AQITfJl9h+HTvG+zB/1tN0TLoR5ZuAKC65FMAh6P3kICZ0blPAKYsyOtAhCY+YoBqcA3tQKSm5dbq34vYgA=>
<09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com> <sspnmd$cqv$1@dont-email.me>
<4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com> <320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com>
<ssptff$o7r$1@dont-email.me> <ssq20i$mb6$1@dont-email.me> <ssq2f9$nqe$1@dont-email.me>
<000d01d8124e$a3e87820$ebb96860$@gmail.com> <ssq3o4$vqd$1@dont-email.me> <mailman.0.1643158242.32491.info-vax_rbnsn.com@rbnsn.com>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <e128b8a6-c632-45c5-a52a-85fd2bb175ean@googlegroups.com>
Subject: Re: ssh client connection issue to VMS
From: pcovie...@gmail.com (pcoviello@gmail.com)
Injection-Date: Wed, 26 Jan 2022 18:01:09 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 56
 by: pcoviello@gmail.com - Wed, 26 Jan 2022 18:01 UTC

On Tuesday, January 25, 2022 at 7:55:06 PM UTC-5, kemain...@gmail.com wrote:
> >-----Original Message-----
> >From: Info-vax <info-vax...@rbnsn.com> On Behalf Of Chris Townley
> >via Info-vax
> >Sent: January-25-22 8:14 PM
> >To: info...@rbnsn.com
> >Cc: Chris Townley <ne...@cct-net.co.uk>
> >Subject: Re: [Info-vax] ssh client connection issue to VMS
> >
> >On 25/01/2022 23:52, Robert A. Brooks wrote:
> >> On 1/25/2022 6:44 PM, Craig A. Berry wrote:
> >>>
> >>> On 1/25/22 4:26 PM, Stephen Hoffman wrote:
> >>>
> >>>> The wholesale-replacement OpenSSH kit was also in test, and that
> >>>> should greatly improve compatibility with current ssh implementations.
> >>>
> >>> According to the roadmap, this was to be in beta for Alpha and
> >>> Itanium in Q4 of last year, but I can't find any relevant kits on the
> >>> service platform portal and don't remember any announcements.
> >>
> >> From what I understand, the OpenSSH kit will be ready for testing
> >> "soon".
> >>
> >
> >You could always look at Process Software - their TCPWare package has up to
> >date ciphers. They also have an SSH package
> >
> >--
> >Chris
> As Chris correctly stated, Process Software does have a very current SSH kit
> that can also be used with the standard TCPIP Services stack.
>
> <https://www.process.com/products/ssh/>
>
> < https://www.process.com/products/ssh/ssh_datasheet.pdf>
>
>
> Regards,
>
> Kerry Main
> Kerry dot main at starkgaming dot com
>
>
>
>
>
>
>
> --
> This email has been checked for viruses by AVG.
> https://www.avg.com

yes I've downloaded the latest kits, though there is some discrepancies between the document and what is in the zip file for SSH,

as far as the Process Software stack, unfortunately Intersystems has some notes only to use the HPE/VSI stack...

Re: ssh client connection issue to VMS

<sssmj4$pch$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20295&group=comp.os.vms#20295

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: seaoh...@hoffmanlabs.invalid (Stephen Hoffman)
Newsgroups: comp.os.vms
Subject: Re: ssh client connection issue to VMS
Date: Wed, 26 Jan 2022 18:47:48 -0500
Organization: HoffmanLabs LLC
Lines: 12
Message-ID: <sssmj4$pch$1@dont-email.me>
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com> <sspnmd$cqv$1@dont-email.me> <4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com> <320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com> <ssptff$o7r$1@dont-email.me> <ssq20i$mb6$1@dont-email.me> <ssq2f9$nqe$1@dont-email.me> <ssq3o4$vqd$1@dont-email.me> <mailman.0.1643158242.32491.info-vax_rbnsn.com@rbnsn.com> <e128b8a6-c632-45c5-a52a-85fd2bb175ean@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="9e9a4aa0fcdcb00f81f863e10b48d9d4";
logging-data="26001"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19369/ax+ZEfAmiEeP7C88t3Anuacu4zy4="
User-Agent: Unison/2.2
Cancel-Lock: sha1:WbPk70+bvbkKQoIxr09MAgJ5dqU=
 by: Stephen Hoffman - Wed, 26 Jan 2022 23:47 UTC

On 2022-01-26 18:01:08 +0000, pcoviello@gmail.com said:

> ...yes I've downloaded the latest kits, though there is some
> discrepancies between the document and what is in the zip file for SSH,

Noticed that, eh? Whoever packaged that clearly didn't.

--
Pure Personal Opinion | HoffmanLabs LLC

Re: ssh client connection issue to VMS

<334b5da2-7f54-40ef-8073-7111c607c503n@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20350&group=comp.os.vms#20350

  copy link   Newsgroups: comp.os.vms
X-Received: by 2002:a37:44d:: with SMTP id 74mr6128172qke.328.1643384844669;
Fri, 28 Jan 2022 07:47:24 -0800 (PST)
X-Received: by 2002:a05:622a:613:: with SMTP id z19mr1844797qta.127.1643384844477;
Fri, 28 Jan 2022 07:47:24 -0800 (PST)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.os.vms
Date: Fri, 28 Jan 2022 07:47:24 -0800 (PST)
In-Reply-To: <sssmj4$pch$1@dont-email.me>
Injection-Info: google-groups.googlegroups.com; posting-host=64.140.214.66; posting-account=_vsSJQoAAADDchUVsjOeB2x6gmKsZV_u
NNTP-Posting-Host: 64.140.214.66
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspnmd$cqv$1@dont-email.me> <4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
<320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com> <ssptff$o7r$1@dont-email.me>
<ssq20i$mb6$1@dont-email.me> <ssq2f9$nqe$1@dont-email.me> <ssq3o4$vqd$1@dont-email.me>
<mailman.0.1643158242.32491.info-vax_rbnsn.com@rbnsn.com> <e128b8a6-c632-45c5-a52a-85fd2bb175ean@googlegroups.com>
<sssmj4$pch$1@dont-email.me>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <334b5da2-7f54-40ef-8073-7111c607c503n@googlegroups.com>
Subject: Re: ssh client connection issue to VMS
From: pcovie...@gmail.com (pcoviello@gmail.com)
Injection-Date: Fri, 28 Jan 2022 15:47:24 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 45
 by: pcoviello@gmail.com - Fri, 28 Jan 2022 15:47 UTC

On Wednesday, January 26, 2022 at 6:47:52 PM UTC-5, Stephen Hoffman wrote:
> On 2022-01-26 18:01:08 +0000, pcov...@gmail.com said:
>
> > ...yes I've downloaded the latest kits, though there is some
> > discrepancies between the document and what is in the zip file for SSH,
> Noticed that, eh? Whoever packaged that clearly didn't.
> --
> Pure Personal Opinion | HoffmanLabs LLC

yup pretty much, though then I was told to ignore the doc. sigh!
even updating the ciphers and creating a new public key I'm still getting unsupported cipher, and I'm at a loss as to why. Putty works fine.

it appears to agree on the info or at least the way I'm seeing it. I guess I'll try to load all of the ciphers and macs back in and see what happens.

debug(27-JAN-2022 13:44:57.89): Remote version: SSH-2.0-TN3270Plus_4.0.7
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1954: Using Client order for common key exchange algorithms.
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:2073: Constructing the first key exchange packet.
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3631: local kexinit: kex algs = diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3658: local kexinit: host key algs = ssh-rsa
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3666: local kexinit: ciphers c to s = aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3674: local kexinit: ciphers s to c = aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3680: local kexinit: macs c to s = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3686: local kexinit: macs s to c = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3692: local kexinit: compressions c to s = none,zlib
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3698: local kexinit: compressions s to c = none,zlib
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3708: local kexinit: first_packet_follows = FALSE
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1261: Outgoing empty, sending empty ignore packet.
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1154: Sending packet with type 2 to connection
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:895: Keying padding pool generator.
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1154: Sending packet with type 20 to connection
debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:1035: Calling write() to write 368 bytes to FD 1
debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:1104: ssh_stream_fd_write wrote 368 bytes
debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:2961: Getting a SSH_MSG_KEXINIT packet from connection.
debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:887: read -1 bytes from FD 0
debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:900: ssh_stream_fd_read read returned errno=35,vaxc$errno=%SYSTEM-F-SUSPENDED, process is suspended
debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:2961: Getting a SSH_MSG_KEXINIT packet from connection.
debug(27-JAN-2022 13:45:01.24): SshUnixFdStream/SSHUNIXFDSTREAM.C:887: read 8 bytes from FD 0
debug(27-JAN-2022 13:45:01.24): SshUnixFdStream/SSHUNIXFDSTREAM.C:887: read 32 bytes from FD 0
debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:2854: >TR packet_type=1
debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:2558: Processing received SSH_MSG_DISCONNECT
debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:1300: Disconnecting: reason code: 11 message: 'Unsupported cipher'
debug(27-JAN-2022 13:45:01.24): Ssh2AuthServer/SSHAUTHS.C:1257: received_packet: DISCONNECT from transport code.
debug(27-JAN-2022 13:45:01.24): Ssh2Common/SSHCOMMON.C:180: DISCONNECT received: Unsupported cipher
Thu 27 13:45:01 INFORMATIONAL: Remote host disconnected: Unsupported cipher

Re: ssh client connection issue to VMS

<ae0398e8-f072-4622-a2db-7c6fa4b04aa8n@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20627&group=comp.os.vms#20627

  copy link   Newsgroups: comp.os.vms
X-Received: by 2002:a05:622a:514:: with SMTP id l20mr27777817qtx.187.1643899230923;
Thu, 03 Feb 2022 06:40:30 -0800 (PST)
X-Received: by 2002:a05:620a:240e:: with SMTP id d14mr23356522qkn.704.1643899230580;
Thu, 03 Feb 2022 06:40:30 -0800 (PST)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.os.vms
Date: Thu, 3 Feb 2022 06:40:30 -0800 (PST)
In-Reply-To: <334b5da2-7f54-40ef-8073-7111c607c503n@googlegroups.com>
Injection-Info: google-groups.googlegroups.com; posting-host=146.115.158.54; posting-account=s7HKuwoAAADMBfdW6Z_Cf7mUOCtdYG2x
NNTP-Posting-Host: 146.115.158.54
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspnmd$cqv$1@dont-email.me> <4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
<320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com> <ssptff$o7r$1@dont-email.me>
<ssq20i$mb6$1@dont-email.me> <ssq2f9$nqe$1@dont-email.me> <ssq3o4$vqd$1@dont-email.me>
<mailman.0.1643158242.32491.info-vax_rbnsn.com@rbnsn.com> <e128b8a6-c632-45c5-a52a-85fd2bb175ean@googlegroups.com>
<sssmj4$pch$1@dont-email.me> <334b5da2-7f54-40ef-8073-7111c607c503n@googlegroups.com>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <ae0398e8-f072-4622-a2db-7c6fa4b04aa8n@googlegroups.com>
Subject: Re: ssh client connection issue to VMS
From: rvwha...@gmail.com (Richard Whalen)
Injection-Date: Thu, 03 Feb 2022 14:40:30 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 47
 by: Richard Whalen - Thu, 3 Feb 2022 14:40 UTC

On Friday, January 28, 2022 at 10:47:25 AM UTC-5, pcoviello@gmail.com wrote:
> On Wednesday, January 26, 2022 at 6:47:52 PM UTC-5, Stephen Hoffman wrote:
> > On 2022-01-26 18:01:08 +0000, pcov...@gmail.com said:
> >
> > > ...yes I've downloaded the latest kits, though there is some
> > > discrepancies between the document and what is in the zip file for SSH,
> > Noticed that, eh? Whoever packaged that clearly didn't.
> > --
> > Pure Personal Opinion | HoffmanLabs LLC
> yup pretty much, though then I was told to ignore the doc. sigh!
> even updating the ciphers and creating a new public key I'm still getting unsupported cipher, and I'm at a loss as to why. Putty works fine.
>
> it appears to agree on the info or at least the way I'm seeing it. I guess I'll try to load all of the ciphers and macs back in and see what happens.
>
> debug(27-JAN-2022 13:44:57.89): Remote version: SSH-2.0-TN3270Plus_4.0.7
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1954: Using Client order for common key exchange algorithms.
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:2073: Constructing the first key exchange packet.
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3631: local kexinit: kex algs = diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3658: local kexinit: host key algs = ssh-rsa
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3666: local kexinit: ciphers c to s = aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3674: local kexinit: ciphers s to c = aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3680: local kexinit: macs c to s = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3686: local kexinit: macs s to c = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3692: local kexinit: compressions c to s = none,zlib
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3698: local kexinit: compressions s to c = none,zlib
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3708: local kexinit: first_packet_follows = FALSE
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1261: Outgoing empty, sending empty ignore packet.
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1154: Sending packet with type 2 to connection
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:895: Keying padding pool generator.
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1154: Sending packet with type 20 to connection
> debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:1035: Calling write() to write 368 bytes to FD 1
> debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:1104: ssh_stream_fd_write wrote 368 bytes
> debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:2961: Getting a SSH_MSG_KEXINIT packet from connection.
> debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:887: read -1 bytes from FD 0
> debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:900: ssh_stream_fd_read read returned errno=35,vaxc$errno=%SYSTEM-F-SUSPENDED, process is suspended
> debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:2961: Getting a SSH_MSG_KEXINIT packet from connection.
> debug(27-JAN-2022 13:45:01.24): SshUnixFdStream/SSHUNIXFDSTREAM.C:887: read 8 bytes from FD 0
> debug(27-JAN-2022 13:45:01.24): SshUnixFdStream/SSHUNIXFDSTREAM.C:887: read 32 bytes from FD 0
> debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:2854: >TR packet_type=1
> debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:2558: Processing received SSH_MSG_DISCONNECT
> debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:1300: Disconnecting: reason code: 11 message: 'Unsupported cipher'
> debug(27-JAN-2022 13:45:01.24): Ssh2AuthServer/SSHAUTHS.C:1257: received_packet: DISCONNECT from transport code.
> debug(27-JAN-2022 13:45:01.24): Ssh2Common/SSHCOMMON.C:180: DISCONNECT received: Unsupported cipher
> Thu 27 13:45:01 INFORMATIONAL: Remote host disconnected: Unsupported cipher

This is a guess, but is it possible that the key that is being exchanged is encrypted with a cipher that the server doesn't support (for key encryption)?
I'm not sure how the key encoding would be controlled if it is a dynamically created key (which is typical). If the client is using its host key, then the encryption on that could be causing a problem.

Re: ssh client connection issue to VMS

<sth315$a46$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20634&group=comp.os.vms#20634

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: seaoh...@hoffmanlabs.invalid (Stephen Hoffman)
Newsgroups: comp.os.vms
Subject: Re: ssh client connection issue to VMS
Date: Thu, 3 Feb 2022 12:22:44 -0500
Organization: HoffmanLabs LLC
Lines: 12
Message-ID: <sth315$a46$1@dont-email.me>
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com> <sspnmd$cqv$1@dont-email.me> <4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com> <320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com> <ssptff$o7r$1@dont-email.me> <ssq20i$mb6$1@dont-email.me> <ssq2f9$nqe$1@dont-email.me> <ssq3o4$vqd$1@dont-email.me> <mailman.0.1643158242.32491.info-vax_rbnsn.com@rbnsn.com> <e128b8a6-c632-45c5-a52a-85fd2bb175ean@googlegroups.com> <sssmj4$pch$1@dont-email.me> <334b5da2-7f54-40ef-8073-7111c607c503n@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="3acc143d362223c1e8e21860a1f263d2";
logging-data="10374"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+liSiQpPPSS3ayzVCIUwcobk7/IFR7s6Q="
User-Agent: Unison/2.2
Cancel-Lock: sha1:JJiYd0nTVrUyYEmmy1wOw6tFqAQ=
 by: Stephen Hoffman - Thu, 3 Feb 2022 17:22 UTC

On 2022-01-28 15:47:24 +0000, pcoviello@gmail.com said:

> debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:900:
> ssh_stream_fd_read read returned
> errno=35,vaxc$errno=%SYSTEM-F-SUSPENDED, process is suspended

Check whether the ssh server process has crashed.

--
Pure Personal Opinion | HoffmanLabs LLC

Re: ssh client connection issue to VMS

<f2654134-6f0e-4388-b060-df00597cb27fn@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20673&group=comp.os.vms#20673

  copy link   Newsgroups: comp.os.vms
X-Received: by 2002:a05:620a:40c8:: with SMTP id g8mr441487qko.706.1644004837241;
Fri, 04 Feb 2022 12:00:37 -0800 (PST)
X-Received: by 2002:ad4:5aa4:: with SMTP id u4mr3125117qvg.43.1644004837045;
Fri, 04 Feb 2022 12:00:37 -0800 (PST)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.os.vms
Date: Fri, 4 Feb 2022 12:00:36 -0800 (PST)
In-Reply-To: <ae0398e8-f072-4622-a2db-7c6fa4b04aa8n@googlegroups.com>
Injection-Info: google-groups.googlegroups.com; posting-host=64.140.214.66; posting-account=_vsSJQoAAADDchUVsjOeB2x6gmKsZV_u
NNTP-Posting-Host: 64.140.214.66
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspnmd$cqv$1@dont-email.me> <4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
<320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com> <ssptff$o7r$1@dont-email.me>
<ssq20i$mb6$1@dont-email.me> <ssq2f9$nqe$1@dont-email.me> <ssq3o4$vqd$1@dont-email.me>
<mailman.0.1643158242.32491.info-vax_rbnsn.com@rbnsn.com> <e128b8a6-c632-45c5-a52a-85fd2bb175ean@googlegroups.com>
<sssmj4$pch$1@dont-email.me> <334b5da2-7f54-40ef-8073-7111c607c503n@googlegroups.com>
<ae0398e8-f072-4622-a2db-7c6fa4b04aa8n@googlegroups.com>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <f2654134-6f0e-4388-b060-df00597cb27fn@googlegroups.com>
Subject: Re: ssh client connection issue to VMS
From: pcovie...@gmail.com (pcoviello@gmail.com)
Injection-Date: Fri, 04 Feb 2022 20:00:37 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 49
 by: pcoviello@gmail.com - Fri, 4 Feb 2022 20:00 UTC

On Thursday, February 3, 2022 at 9:40:32 AM UTC-5, rvwh...@gmail.com wrote:
> On Friday, January 28, 2022 at 10:47:25 AM UTC-5, pcov...@gmail.com wrote:
> > On Wednesday, January 26, 2022 at 6:47:52 PM UTC-5, Stephen Hoffman wrote:
> > > On 2022-01-26 18:01:08 +0000, pcov...@gmail.com said:
> > >
> > > > ...yes I've downloaded the latest kits, though there is some
> > > > discrepancies between the document and what is in the zip file for SSH,
> > > Noticed that, eh? Whoever packaged that clearly didn't.
> > > --
> > > Pure Personal Opinion | HoffmanLabs LLC
> > yup pretty much, though then I was told to ignore the doc. sigh!
> > even updating the ciphers and creating a new public key I'm still getting unsupported cipher, and I'm at a loss as to why. Putty works fine.
> >
> > it appears to agree on the info or at least the way I'm seeing it. I guess I'll try to load all of the ciphers and macs back in and see what happens.
> >
> > debug(27-JAN-2022 13:44:57.89): Remote version: SSH-2.0-TN3270Plus_4.0.7
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1954: Using Client order for common key exchange algorithms.
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:2073: Constructing the first key exchange packet.
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3631: local kexinit: kex algs = diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3658: local kexinit: host key algs = ssh-rsa
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3666: local kexinit: ciphers c to s = aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3674: local kexinit: ciphers s to c = aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3680: local kexinit: macs c to s = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3686: local kexinit: macs s to c = hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3692: local kexinit: compressions c to s = none,zlib
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3698: local kexinit: compressions s to c = none,zlib
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:3708: local kexinit: first_packet_follows = FALSE
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1261: Outgoing empty, sending empty ignore packet.
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1154: Sending packet with type 2 to connection
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:895: Keying padding pool generator.
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:1154: Sending packet with type 20 to connection
> > debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:1035: Calling write() to write 368 bytes to FD 1
> > debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:1104: ssh_stream_fd_write wrote 368 bytes
> > debug(27-JAN-2022 13:44:57.89): Ssh2Transport/TRCOMMON.C:2961: Getting a SSH_MSG_KEXINIT packet from connection.
> > debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:887: read -1 bytes from FD 0
> > debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:900: ssh_stream_fd_read read returned errno=35,vaxc$errno=%SYSTEM-F-SUSPENDED, process is suspended
> > debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:2961: Getting a SSH_MSG_KEXINIT packet from connection.
> > debug(27-JAN-2022 13:45:01.24): SshUnixFdStream/SSHUNIXFDSTREAM.C:887: read 8 bytes from FD 0
> > debug(27-JAN-2022 13:45:01.24): SshUnixFdStream/SSHUNIXFDSTREAM.C:887: read 32 bytes from FD 0
> > debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:2854: >TR packet_type=1
> > debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:2558: Processing received SSH_MSG_DISCONNECT
> > debug(27-JAN-2022 13:45:01.24): Ssh2Transport/TRCOMMON.C:1300: Disconnecting: reason code: 11 message: 'Unsupported cipher'
> > debug(27-JAN-2022 13:45:01.24): Ssh2AuthServer/SSHAUTHS.C:1257: received_packet: DISCONNECT from transport code.
> > debug(27-JAN-2022 13:45:01.24): Ssh2Common/SSHCOMMON.C:180: DISCONNECT received: Unsupported cipher
> > Thu 27 13:45:01 INFORMATIONAL: Remote host disconnected: Unsupported cipher
> This is a guess, but is it possible that the key that is being exchanged is encrypted with a cipher that the server doesn't support (for key encryption)?
> I'm not sure how the key encoding would be controlled if it is a dynamically created key (which is typical). If the client is using its host key, then the encryption on that could be causing a problem.

I actually created a new hostkey using RSA 2048 and changed the ciphers and macs and it got connected the problem now though which started this whole issue is the ciphers and macs wont pass a Qualys scan. and it thinks I have a 1024 hostkey.... sigh!

Re: ssh client connection issue to VMS

<cde191d8-17a2-45a7-9908-cf60e471197en@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=20674&group=comp.os.vms#20674

  copy link   Newsgroups: comp.os.vms
X-Received: by 2002:a05:620a:28c3:: with SMTP id l3mr400831qkp.633.1644004852026;
Fri, 04 Feb 2022 12:00:52 -0800 (PST)
X-Received: by 2002:a05:622a:188c:: with SMTP id v12mr473216qtc.139.1644004851873;
Fri, 04 Feb 2022 12:00:51 -0800 (PST)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.os.vms
Date: Fri, 4 Feb 2022 12:00:51 -0800 (PST)
In-Reply-To: <sth315$a46$1@dont-email.me>
Injection-Info: google-groups.googlegroups.com; posting-host=64.140.214.66; posting-account=_vsSJQoAAADDchUVsjOeB2x6gmKsZV_u
NNTP-Posting-Host: 64.140.214.66
References: <09e2b2ba-f793-4640-9734-d115a5d95949n@googlegroups.com>
<sspnmd$cqv$1@dont-email.me> <4b7e0333-c00f-4abd-9f3b-46b2fd283694n@googlegroups.com>
<320aa008-2ea3-4d95-8eb2-c713d1764ea4n@googlegroups.com> <ssptff$o7r$1@dont-email.me>
<ssq20i$mb6$1@dont-email.me> <ssq2f9$nqe$1@dont-email.me> <ssq3o4$vqd$1@dont-email.me>
<mailman.0.1643158242.32491.info-vax_rbnsn.com@rbnsn.com> <e128b8a6-c632-45c5-a52a-85fd2bb175ean@googlegroups.com>
<sssmj4$pch$1@dont-email.me> <334b5da2-7f54-40ef-8073-7111c607c503n@googlegroups.com>
<sth315$a46$1@dont-email.me>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <cde191d8-17a2-45a7-9908-cf60e471197en@googlegroups.com>
Subject: Re: ssh client connection issue to VMS
From: pcovie...@gmail.com (pcoviello@gmail.com)
Injection-Date: Fri, 04 Feb 2022 20:00:52 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 11
 by: pcoviello@gmail.com - Fri, 4 Feb 2022 20:00 UTC

On Thursday, February 3, 2022 at 12:22:47 PM UTC-5, Stephen Hoffman wrote:
> On 2022-01-28 15:47:24 +0000, pcov...@gmail.com said:
>
> > debug(27-JAN-2022 13:44:57.89): SshUnixFdStream/SSHUNIXFDSTREAM.C:900:
> > ssh_stream_fd_read read returned
> > errno=35,vaxc$errno=%SYSTEM-F-SUSPENDED, process is suspended
> Check whether the ssh server process has crashed.
> --
> Pure Personal Opinion | HoffmanLabs LLC

yes it is

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor