How do I write a SFTP SSH client - VMS

This is a discussion on How do I write a SFTP SSH client - VMS ; We have an application that includes our own FTP Client. It connects to the remote host on port 21 and then sends the FTP commands as listed in RFC 959 ( http://www.faqs.org/rfcs/rfc959.html ). This is all done for performance reasons, ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: How do I write a SFTP SSH client

  1. How do I write a SFTP SSH client

    We have an application that includes our own FTP Client. It connects
    to the remote host on port 21 and then sends the FTP commands as
    listed in RFC 959 (http://www.faqs.org/rfcs/rfc959.html). This is all
    done for performance reasons, so that we can process the data as it
    comes in over the IP link before writing it to disk.

    This now needs to be changed to use SFTP - SSH File Transfer Protocol
    (http://www.vandyke.com/technology/dr...h-filexfer.txt), as
    used by SFTP on openVMS. The protocol is completely different, I
    understand that.

    When you use SFTP, it spawn a process which runs TCPIP$SSH_SSH2.EXE.

    So - how do I write my own version of SFTP? Should I be going down the
    TCPIP$SSH_SSH2.EXE route - and if so - where can I find out how to
    interface to TCPIP$SSH_SSH2.EXE?

    Or is ther an alternative?

    Trefor


  2. Re: How do I write a SFTP SSH client

    SFTP authenticates with the remote system by spawning SSH2 and having it do
    the authentication.

    After that the SFTP commands and data are passed through the secure data
    channel that is created by the SSH2 connection. The SFTP commands
    essentially file system operations - Open a file, read (or write) so many
    bytes from a file starting at a particular byte, close a file. There are
    also operations for reading directories, creating directories, deleting
    files, and setting file attributes. Note that most implementations are for
    version 3 of the protocol.

    So, yes you have to use SSH2 if you are to write an SFTP program.

    "Trefor" wrote in message
    news:1194281868.188571.226640@y42g2000hsy.googlegr oups.com...
    > We have an application that includes our own FTP Client. It connects
    > to the remote host on port 21 and then sends the FTP commands as
    > listed in RFC 959 (http://www.faqs.org/rfcs/rfc959.html). This is all
    > done for performance reasons, so that we can process the data as it
    > comes in over the IP link before writing it to disk.
    >
    > This now needs to be changed to use SFTP - SSH File Transfer Protocol
    > (http://www.vandyke.com/technology/dr...h-filexfer.txt), as
    > used by SFTP on openVMS. The protocol is completely different, I
    > understand that.
    >
    > When you use SFTP, it spawn a process which runs TCPIP$SSH_SSH2.EXE.
    >
    > So - how do I write my own version of SFTP? Should I be going down the
    > TCPIP$SSH_SSH2.EXE route - and if so - where can I find out how to
    > interface to TCPIP$SSH_SSH2.EXE?
    >
    > Or is ther an alternative?
    >
    > Trefor
    >




  3. Re: How do I write a SFTP SSH client

    I have been looking into more or less the same problem.

    Writing your own FTP client was doable, although harder than you would
    think at first glance, as some FTP servers will hang for unknown
    reasons,
    and you do want to detect this.

    I needed a callable SSH filetransfer library, to be called from C or
    COBOL,
    and a sftp client that made it possible to login to a remote system in
    batch
    using sftp using password in stead of public key authentication,
    something
    the TCP/IP services sftp client will not let you do.

    I did not have any luck in finding a usable public domain SSH library
    to
    use as the basis for this callable SSH library, and I really didn't
    want to
    try to implement the SSH protocol myself, to be honest I find the
    RFC's
    rather hard to understand, and what I understood at times
    contradictory.
    Hopefully you have more luck, and probably you are smarter than I
    am :-)

    I did find a couple of Java SSH libraries that allowed me to build a
    SFTP
    client that accepts both public key and password to be used as
    authentication to a remote system.

    This is were I found these Java libraries:

    - http://sourceforge.net/projects/jsch/
    - http://www.ganymed.ethz.ch/ssh2/

    Hope this helps,
    Jose


  4. Re: How do I write a SFTP SSH client - How to hook into TCPIP$SSH_SSH2.EXE

    On 7 Nov, 18:29, Jose Baars wrote:
    > I have been looking into more or less the same problem.
    >
    > Writing your own FTP client was doable, although harder than you would
    > think at first glance, as some FTP servers will hang for unknown
    > reasons,
    > and you do want to detect this.
    >
    > I needed a callable SSH filetransfer library, to be called from C or
    > COBOL,
    > and a sftp client that made it possible to login to a remote system in
    > batch
    > using sftp using password in stead of public key authentication,
    > something
    > the TCP/IP services sftp client will not let you do.
    >
    > I did not have any luck in finding a usable public domain SSH library
    > to
    > use as the basis for this callable SSH library, and I really didn't
    > want to
    > try to implement the SSH protocol myself, to be honest I find the
    > RFC's
    > rather hard to understand, and what I understood at times
    > contradictory.
    > Hopefully you have more luck, and probably you are smarter than I
    > am :-)
    >
    > I did find a couple of Java SSH libraries that allowed me to build a
    > SFTP
    > client that accepts both public key and password to be used as
    > authentication to a remote system.
    >
    > This is were I found these Java libraries:
    >
    > -http://sourceforge.net/projects/jsch/
    > -http://www.ganymed.ethz.ch/ssh2/
    >
    > Hope this helps,
    > Jose


    I was looking at the OpenVMS SFTP program. It spawns sys$system:tcpip
    $ssh_ssh2.exe which does the SSH bit which makes sense. It appears to
    call it with the following parameters.

    $mc sys$system:tcpip$ssh_ssh2.exe -v -x -a -o "passwordprompt %U@%H's
    password:" -
    -o "authenticationnotify yes" my_user@my_host.somewhere.co.uk -s sftp

    which makes sence. But I've not managed to work out how the SFTP
    program hooks into tcpip$ssh_ssh2.exe to send the SFTP protocol
    stuff.

    Anyone any ideas?

    Trefor


  5. Re: How do I write a SFTP SSH client - How to hook into TCPIP$SSH_SSH2.EXE

    > $mc sys$system:tcpip$ssh_ssh2.exe -v -x -a -o "passwordprompt %U@%H's
    > password:" -
    > -o "authenticationnotify yes" my_user@my_host.somewhere.co.uk -s sftp


    Here's an explaination of what happens with the above:

    SFTP2 creates a subprocess and uses a couple of VMS mail boxes (C pipes) to
    communicate with it.
    -v is verbose mode - which is really debug level 2
    -x allows X11 forwarding, which probably doesn't matter for SFTP2
    -a allows agent forwarding, which can be used in some types of
    authentication
    -o is for options, in this case the password prompt which is specified as
    user@host's password: SSH2 has a default value for this of Password
    -o "authenticationnotify yes" says that SFTP2 wants to be notified about the
    result of authentication with the string AUTHENTICATED YES
    -s sftp requests the sftp subsystem to be run on the remote system after
    successful authentication.

    The SFTP2 client will write to one of the mailboxes, SSH2 will encrypt the
    data and transport it to the remote system where it will be decrypted and
    the sftp subsytem will read it from it's stdin as its command stream. The
    sftp subsystem writes its responses to its stdout, which is encrypted,
    passed back, decrypted and sent through the other mailbox to the SFTP2
    client. In the SFTP protocol any data that pertains to the command is
    shipped with it.



+ Reply to Thread