Re: ssh2 hostkeys what directory? - VMS

This is a discussion on Re: ssh2 hostkeys what directory? - VMS ; From: Anton Shterenlikht > Why do I need to have ssh2 directories under SYS$SPECIFIC > and under TCPIP$SSH? Client and server? > It appears that enabling and starting ssh server via > TCPIP$CONFIG.COM put the files under SYS$SYSDEVICE:[TCPIP$SSH.SSH2] > So ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Re: ssh2 hostkeys what directory?

  1. Re: ssh2 hostkeys what directory?

    From: Anton Shterenlikht

    > Why do I need to have ssh2 directories under SYS$SPECIFIC
    > and under TCPIP$SSH?


    Client and server?

    > It appears that enabling and starting ssh server via
    > TCPIP$CONFIG.COM put the files under SYS$SYSDEVICE:[TCPIP$SSH.SSH2]
    > So what program places the keys under SYS$SPECIFIC?


    SSH run by SYSTEM? SYS$SYSDEVICE:[SYS*.SYSMGR.ssh2] is under
    SYSTEM's home directory.

    Whose host keys are in these directories? Around here,
    SYS$SYSROOT:[SYSMGR.SSH2.HOSTKEYS] (ODS2) holds host key files for
    (mostly) other systems which SYSTEM has used SSH to contact, and
    SYS$SYSDEVICE:[TCPIP$SSH.SSH2.HOSTKEYS] is empty. (But
    SYS$SYSDEVICE:[TCPIP$SSH.SSH2] holds HOSTKEY. and HOSTKEY.PUB.)

    ------------------------------------------------------------------------

    Steven M. Schweda sms@antinode-info
    382 South Warwick Street (+1) 651-699-9818
    Saint Paul MN 55105-2547

  2. Re: ssh2 hostkeys what directory?

    On Thu, Jun 05, 2008 at 12:23:29PM -0500, Steven M. Schweda wrote:
    >
    > SYS$SYSDEVICE:[TCPIP$SSH.SSH2.HOSTKEYS] is empty. (But
    > SYS$SYSDEVICE:[TCPIP$SSH.SSH2] holds HOSTKEY. and HOSTKEY.PUB.)


    that means that HOSTKEY. and HOSTKEY.PUB are shared between
    all nodes for which SYS$SYSDEVICE is a system disk, right?

    I can actually see in my known_hosts file that the signatures
    of 2 alpha nodes, which share SYS$SYSDEVICE, are identical.

    I have a I64-alpha cluster, so different nodes have different
    (well, only 2) SYS$SYSDEVICE. I'd like to share HOSTKEY. and HOSTKEY.PUB
    between all nodes in the cluster. I think for this I need to
    redefine TCPIP$SSH_DEVICE, to point to the disk where cluster
    common files are.

    However, I cannot find want command procedure file defines
    TCPIP$SSH_DEVICE in the first place. Many files provide
    commands to define this logical if it has not been defined
    already, so I'm not sure what is the best place to put
    my define.

    $ show logical tcpip$ssh_device
    "TCPIP$SSH_DEVICE" = "SYS$SYSDEVICE:" (LNM$SYSTEM_TABLE)
    1 "SYS$SYSDEVICE" = "$1$DGA2:" (LNM$SYSTEM_TABLE)

    thanks
    anton

    --
    Anton Shterenlikht
    Room 2.6, Queen's Building
    Mech Eng Dept
    Bristol University
    University Walk, Bristol BS8 1TR, UK
    Tel: +44 (0)117 928 8233
    Fax: +44 (0)117 929 4423

  3. SOLVED: Re: ssh2 hostkeys what directory?

    On Fri, Jun 06, 2008 at 02:47:14PM +0100, Anton Shterenlikht wrote:
    > On Thu, Jun 05, 2008 at 12:23:29PM -0500, Steven M. Schweda wrote:
    > >
    > > SYS$SYSDEVICE:[TCPIP$SSH.SSH2.HOSTKEYS] is empty. (But
    > > SYS$SYSDEVICE:[TCPIP$SSH.SSH2] holds HOSTKEY. and HOSTKEY.PUB.)

    >
    > that means that HOSTKEY. and HOSTKEY.PUB are shared between
    > all nodes for which SYS$SYSDEVICE is a system disk, right?
    >
    > I can actually see in my known_hosts file that the signatures
    > of 2 alpha nodes, which share SYS$SYSDEVICE, are identical.
    >
    > I have a I64-alpha cluster, so different nodes have different
    > (well, only 2) SYS$SYSDEVICE. I'd like to share HOSTKEY. and HOSTKEY.PUB
    > between all nodes in the cluster. I think for this I need to
    > redefine TCPIP$SSH_DEVICE, to point to the disk where cluster
    > common files are.
    >
    > However, I cannot find want command procedure file defines
    > TCPIP$SSH_DEVICE in the first place. Many files provide
    > commands to define this logical if it has not been defined
    > already, so I'm not sure what is the best place to put
    > my define.
    >
    > $ show logical tcpip$ssh_device
    > "TCPIP$SSH_DEVICE" = "SYS$SYSDEVICE:" (LNM$SYSTEM_TABLE)
    > 1 "SYS$SYSDEVICE" = "$1$DGA2:" (LNM$SYSTEM_TABLE)
    >


    I added

    $ DEFINE/SYSTEM/EXECUTIVE_MODE TCPIP$SSH_DEVICE DISK$CLUSTFILES

    to SYLOGICALS.COM on every cluster node. DISK$CLUSTFILES is the
    logical for my disk containing common cluster files,

    Now I have only one set of HOSTKEY. and HOSTKEY.PUB shared
    between all nodes in the cluster. Now failSAFE IP gives me
    no problems with ssh, because all ip addresses (from this cluster)
    in known_hosts database have identical keys.

    many thanks
    anton


    --
    Anton Shterenlikht
    Room 2.6, Queen's Building
    Mech Eng Dept
    Bristol University
    University Walk, Bristol BS8 1TR, UK
    Tel: +44 (0)117 928 8233
    Fax: +44 (0)117 929 4423

+ Reply to Thread