System can log in multiple times, user cannot login at all

Having difficulties when installing the system? Your system runs slowly and requires some tweaking? You can get help here.
Post Reply
User avatar

Topic author
tlovern
Active Contributor
Posts: 40
Joined: Tue Jul 21, 2020 10:44 am
Reputation: 0
Status: Offline

System can log in multiple times, user cannot login at all

Post by tlovern » Wed Aug 09, 2023 4:32 pm

Here is the user's sysuaf (yes I gave it all privs - will cut back when working):

Code: Select all

Username: 1LOVERN                          Owner:  
Account:                                   UIC:    [200,230] ([DEFAULT])
CLI:      DCL                              Tables: DCLTABLES
Default:  USER$DISK:[USERS.1LOVERN]
LGICMD:   
Flags: 
Primary days:   Mon Tue Wed Thu Fri        
Secondary days:                     Sat Sun
No access restrictions
Expiration:            (none)    Pwdminimum:  6   Login Fails:     0
Pwdlifetime:         60 00:00    Pwdchange:      (pre-expired) 
Last Login:            (none) (interactive),            (none) (non-interactive)
Maxjobs:         0  Fillm:       128  Bytlm:        128000
Maxacctjobs:     0  Shrfillm:      0  Pbytlm:            0
Maxdetach:       0  BIOlm:       150  JTquota:        4096
Prclm:           8  DIOlm:       150  WSdef:          4096
Prio:            4  ASTlm:       300  WSquo:          8192
Queprio:         4  TQElm:       100  WSextent:      16384
CPU:        (none)  Enqlm:      4000  Pgflquo:      256000
Authorized Privileges: 
  ACNT         ALLSPOOL     ALTPRI       AUDIT        BUGCHK       BYPASS
  CMEXEC       CMKRNL       DIAGNOSE     DOWNGRADE    EXQUOTA      GROUP
  GRPNAM       GRPPRV       IMPERSONATE  IMPORT       LOG_IO       MOUNT
  NETMBX       OPER         PFNMAP       PHY_IO       PRMCEB       PRMGBL
  PRMMBX       PSWAPM       READALL      SECURITY     SETPRV       SHARE
  SHMEM        SYSGBL       SYSLCK       SYSNAM       SYSPRV       TMPMBX
  UPGRADE      VOLPRO       WORLD
Default Privileges: 
  ACNT         ALLSPOOL     ALTPRI       AUDIT        BUGCHK       BYPASS
  CMEXEC       CMKRNL       DIAGNOSE     DOWNGRADE    EXQUOTA      GROUP
  GRPNAM       GRPPRV       IMPERSONATE  IMPORT       LOG_IO       MOUNT
  NETMBX       OPER         PFNMAP       PHY_IO       PRMCEB       PRMGBL
  PRMMBX       PSWAPM       READALL      SECURITY     SETPRV       SHARE
  SHMEM        SYSGBL       SYSLCK       SYSNAM       SYSPRV       TMPMBX
  UPGRADE      VOLPRO       WORLD
UAF>  Exit 
%UAF-I-NOMODS, no modifications made to system authorization file
%UAF-I-RDBNOMODS, no modifications made to rights database
Here is the login interactive setting:

Code: Select all

$ set login/inter
%SET-I-INTSET, login interactive limit = 100, current interactive value = 2
Disk user is configured to use:

Code: Select all

$ sho dev user$disk/full

    Disk NARNIA$DKA100:, device type ATA VMware Virtual S, is online, mounted, file-
    oriented device, shareable, available to cluster, error logging is enabled.

    Error count                    0    Operations completed              17305
    Owner process                 ""    Owner UIC                      [SYSTEM]
    Owner process ID        00000000    Dev Prot            S:RWPL,O:RWPL,G:R,W
    Reference count                1    Default buffer size                 512
    Total blocks           209715200    Sectors per track                     0
    Total cylinders                0    Tracks per cylinder                   0
    Logical Volume Size    209715200    Expansion Size Limit          209715200

    Volume label             "USERS"    Relative volume number                0
    Cluster size                   1    Transaction count                     1
    Free blocks            209659820    Maximum files allowed          16711679
    Extend quantity                5    Mount count                           1
    Mount status              System    Cache name      "_NARNIA$DKA0:XQPCACHE"
    Extent cache size             64    Max blocks in extent cache     20965982
    File ID cache size            64    Blocks in extent cache                0
    Quota cache size               0    Maximum buffers in FCP cache       4884
    Volume owner UIC        [SYSTEM]    Vol Prot    S:RWCD,O:RWCD,G:RWCD,W:RWCD

  Volume Status:  ODS-2, subject to mount verification, file high-water marking,
      write-through XFC caching enabled, write-back XQP caching enabled.
here is what happens when using ssh:

Code: Select all

$ ssh 1lovern@10.0.1.33

 Welcome to OpenVMS (TM) x86_64 Operating System, Version V9.2-1  
1lovern@10.0.1.33's password: 
Connection closed by 10.0.1.33 port 22
I don't see anything in authorize, nor in the number of interactive logins (shouldn't matter - account has oper)

I can fire up as many system account sessions as I want.

It is going to be something simple, but I'm not seeing it.

Added in 14 minutes 2 seconds:
Ok, I can log in as the user on the defined port using telnet. I cannot login using SSH.

I set /local/network/remote/dialup, etc in authorize. I most have missed one.

Code: Select all

F$MODE() for both is interactive.

device is _OPA0: for user login working, _FTA7: for system logged in via SSH
it has to be something with SSH / device type.

Added in 9 minutes 54 seconds:
Looks like I need to configure that user for SSH access...this is all new to me.
Last edited by tlovern on Wed Aug 09, 2023 4:41 pm, edited 1 time in total.
Top
User avatar

neilrieck
Contributor
Posts: 21
Joined: Tue Jan 10, 2023 10:41 am
Reputation: 0
Location: Waterloo, Ontario, Canada
Status: Offline
Contact:
Contact neilrieck

Re: System can log in multiple times, user cannot login at all

Post by neilrieck » Sun Aug 13, 2023 10:38 am

Okay so this is definitely an SSH2 config problem but first a caveat: my only real experience comes from two third-party stacks for OpenVMS (TCPware and MultiNet). The following text applies to multinet so your path and file names will probably be different on your system so here are some ideas to try

set def MULTINET:
dir [...]ssh*conf*.*
set def MULTINET_ROOT:[MULTINET.SSH2]
edit "SSHD2_CONF."
locate the line containing: AllowUsers (then comment it out for now to allow all)
also check lines containing: DenyUsers, AllowGroups, DenyGroups
Save the file then restart the daemon (daemon config files are only read once)

If your problem continues then look for log files:

set def MULTINET:
dir [...]ssh*.*

sshd.log (one for every login event)
sshd_master.log (from the daemon)

note: some stacks put the word "log" on the left-hand side of the dot (and usually have no file extension)
Top

sms
Master
Posts: 349
Joined: Fri Aug 21, 2020 5:18 pm
Reputation: 0
Status: Offline

Re: System can log in multiple times, user cannot login at all

Post by sms » Sun Aug 13, 2023 2:10 pm

Code: Select all

> Okay so this is definitely an SSH2 config problem [...]

   First:

      https://forum.vmssoftware.com/viewtopic.php?f=1&t=8792#p19334

> debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9 VSI

That's not anyone's SSH2.

   Second, the (already solved) problem wasn't primarily any kind of
"[SSH] config problem":

      https://forum.vmssoftware.com/viewtopic.php?f=1&t=8792&start=10#p19346
Top
User avatar

Topic author
tlovern
Active Contributor
Posts: 40
Joined: Tue Jul 21, 2020 10:44 am
Reputation: 0
Status: Offline

Re: System can log in multiple times, user cannot login at all

Post by tlovern » Sun Aug 13, 2023 2:46 pm

as of now, every is working great!

The Authorize was fubar. deleted and re-added user with the UIC specified and boom! everything works.

As far as terminal keyboard mapping - got that (mostly)squared away. The terminal emulator (iTerm2), gets confused every once in a while, OS X likes to eat certain function keys - I liked using break for DO, but I cannot. (using a logitech kbd)

Thanks again to everyone for their help!
Top
Post Reply

Return to “Installation and Configuration”