Silly with VMS access via SSH
-
Topic author - Master
- Posts: 135
- Joined: Sat Aug 15, 2020 9:00 am
- Reputation: 0
- Location: Cambridge, UK
- Status: Offline
Silly with VMS access via SSH
As reported on comp.os.vms:
Just a silly that I have ignored for years. It was the same with the setup for work (IA64 VMS 8.*), and is still present with 9.2-1, and now bugs me!
I have TCPWare on AXP that works OK.
This is with:
VSI X86VMS OPENVMS E9.2-1 Platform Installed
VSI X86VMS TCPIP X6.0-20 Full LP Installed
VSI X86VMS OPENSSH V8.9-1D Full LP Installed
I have both sys$announce and sys$welcome logicals defined:
$ sho lo sys$announce, sys$welcome
"SYS$ANNOUNCE" = "@SYS$MANAGER:ANNOUNCE.TXT" (LNM$SYSTEM_TABLE)
"SYS$WELCOME" = "@SYS$MANAGER:WELCOME.TXT" (LNM$SYSTEM_TABLE)
Both files exist, but when I login using SSH, I get the welcome.txt displayed when I login, but before I do, I get:
Using username "townleyc".
Pre-authentication banner message from server:
|
| @SYS$MANAGER:ANNOUNCE.TXT
End of banner message from server
Authenticating with public key "XXXXXXXXX@XXXXXX"
correctly followed by the text in welcome.txt
If I set host from another node, or with set host 0 both are displayed as usual
Both files exist, and have w:re protection
How can I get SSH to display ANNOUNCE.TXT ?
Chris
Just a silly that I have ignored for years. It was the same with the setup for work (IA64 VMS 8.*), and is still present with 9.2-1, and now bugs me!
I have TCPWare on AXP that works OK.
This is with:
VSI X86VMS OPENVMS E9.2-1 Platform Installed
VSI X86VMS TCPIP X6.0-20 Full LP Installed
VSI X86VMS OPENSSH V8.9-1D Full LP Installed
I have both sys$announce and sys$welcome logicals defined:
$ sho lo sys$announce, sys$welcome
"SYS$ANNOUNCE" = "@SYS$MANAGER:ANNOUNCE.TXT" (LNM$SYSTEM_TABLE)
"SYS$WELCOME" = "@SYS$MANAGER:WELCOME.TXT" (LNM$SYSTEM_TABLE)
Both files exist, but when I login using SSH, I get the welcome.txt displayed when I login, but before I do, I get:
Using username "townleyc".
Pre-authentication banner message from server:
|
| @SYS$MANAGER:ANNOUNCE.TXT
End of banner message from server
Authenticating with public key "XXXXXXXXX@XXXXXX"
correctly followed by the text in welcome.txt
If I set host from another node, or with set host 0 both are displayed as usual
Both files exist, and have w:re protection
How can I get SSH to display ANNOUNCE.TXT ?
Chris
--
Chris
Chris
-
- Valued Contributor
- Posts: 79
- Joined: Thu Jun 06, 2019 6:57 am
- Reputation: 0
- Location: Brindisi (Italy)
- Status: Offline
- Contact:
Re: Silly with VMS access via SSH
OpenSSH for VSI OpenVMS Alpha, I64, and x86-64 Release Notes (January 2023)
VSI-AXPVMS-OPENSSH-V0809-1D-1.PCSI
VSI-I64VMS-OPENSSH-V0809-1D-1.PCSI
VSI-X86VMS-OPENSSH-V0809-1D-1.PCSI
https://vmssoftware.com/openkits/i64ope ... RNOTES.PDF
Many parameters may be defined in SSH$ROOT:[ETC]SSHD_CONFIG to control various aspects of SSH server operation; in particular you should check :
...
VmsPrintSysAnnounce (Tcp/ip ssh service old directive PrintSysAnnounce)
Setting this parameter to “yes” causes the OpenVMS welcome banne rassociated with the logical name SYS$ANNOUNCE to be displayed when logging in. The permitted values for this parameter are “yes” and “no”.
VmsPrintSysWelcome (Tcp/ip ssh service old directive PrintSysWelcome)
Setting this parameter to “yes” causes the welcome banner associated with the logical name SYS$WELCOME to be displayed when logging in. The permitted values for this parameter are “yes” and “no”
...
Try to setting the "PrintSysAnnounce" parameters and see if you resolve.
/Maurizio
VSI-AXPVMS-OPENSSH-V0809-1D-1.PCSI
VSI-I64VMS-OPENSSH-V0809-1D-1.PCSI
VSI-X86VMS-OPENSSH-V0809-1D-1.PCSI
https://vmssoftware.com/openkits/i64ope ... RNOTES.PDF
Many parameters may be defined in SSH$ROOT:[ETC]SSHD_CONFIG to control various aspects of SSH server operation; in particular you should check :
...
VmsPrintSysAnnounce (Tcp/ip ssh service old directive PrintSysAnnounce)
Setting this parameter to “yes” causes the OpenVMS welcome banne rassociated with the logical name SYS$ANNOUNCE to be displayed when logging in. The permitted values for this parameter are “yes” and “no”.
VmsPrintSysWelcome (Tcp/ip ssh service old directive PrintSysWelcome)
Setting this parameter to “yes” causes the welcome banner associated with the logical name SYS$WELCOME to be displayed when logging in. The permitted values for this parameter are “yes” and “no”
...
Try to setting the "PrintSysAnnounce" parameters and see if you resolve.
/Maurizio
Last edited by m_detommaso on Thu May 25, 2023 6:40 am, edited 1 time in total.
-
Topic author - Master
- Posts: 135
- Joined: Sat Aug 15, 2020 9:00 am
- Reputation: 0
- Location: Cambridge, UK
- Status: Offline
Re: Silly with VMS access via SSH
Looked at these, they are both left at their defaults - which is in the release notes as Yes for both
Chris
Added in 4 minutes 56 seconds:
Tried uncommenting, restarted SSH and still get:
Using username "townleyc".
Pre-authentication banner message from server:
|
| @SYS$MANAGER:ANNOUNCE.TXT
End of banner message from server
Chris
Chris
Added in 4 minutes 56 seconds:
Tried uncommenting, restarted SSH and still get:
Using username "townleyc".
Pre-authentication banner message from server:
|
| @SYS$MANAGER:ANNOUNCE.TXT
End of banner message from server
Chris
--
Chris
Chris
-
- Valued Contributor
- Posts: 79
- Joined: Thu Jun 06, 2019 6:57 am
- Reputation: 0
- Location: Brindisi (Italy)
- Status: Offline
- Contact:
Re: Silly with VMS access via SSH
dirac>type ssh$root:[etc]sshd_config.
...
VmsPrintSysAnnounce yes
VmsPrintSysWelcome yes
...
dirac>@sys$startup:ssh$shutdown
dirac>@sys$startup:ssh$startup
< You are here >
Solution :
$ rename sys$common:[sysmgr]announce.txt sys$common:[sysmgr]announce.com
$ define /system sys$announce "@sys$manager:announce.com"
/Maurizio
Last edited by m_detommaso on Sat May 27, 2023 5:30 am, edited 2 times in total.
-
- Valued Contributor
- Posts: 79
- Joined: Thu Jun 06, 2019 6:57 am
- Reputation: 0
- Location: Brindisi (Italy)
- Status: Offline
- Contact:
Re: Silly with VMS access via SSH
one valid alternative :
dirac>type sshd_config.
...
Banner /ssh$root/etc/banner.txt
VmsPrintSysAnnounce no
VmsPrintSysWelcome yes
...
dirac>@sys$startup:ssh$shutdown
dirac>@sys$startup:ssh$startup
/Maurizio
-
Topic author - Master
- Posts: 135
- Joined: Sat Aug 15, 2020 9:00 am
- Reputation: 0
- Location: Cambridge, UK
- Status: Offline
Re: Silly with VMS access via SSH
Thanks Maurizio
The banner method actually works.
Presumably the failure to handler announce is a VMS implementation bug
Chris
The banner method actually works.
Presumably the failure to handler announce is a VMS implementation bug
Chris
--
Chris
Chris
-
- Valued Contributor
- Posts: 79
- Joined: Thu Jun 06, 2019 6:57 am
- Reputation: 0
- Location: Brindisi (Italy)
- Status: Offline
- Contact:
Re: Silly with VMS access via SSH
Chris,
thank you for your feedback.
>>> Presumably the failure to handler announce is a VMS implementation bug
In my VMS x86-64 environment, announce method works; the only precaution is to create announce with file extension ".com" and not ".txt" (as I demonstrated in my previously post viewtopic.php?f=9&t=8703#p18790).
I honestly don't know if this should be considered a bug or not. In any case, VSI Engineering monitors this forum
/Maurizio
Last edited by m_detommaso on Sat May 27, 2023 11:47 am, edited 1 time in total.
-
Topic author - Master
- Posts: 135
- Joined: Sat Aug 15, 2020 9:00 am
- Reputation: 0
- Location: Cambridge, UK
- Status: Offline
Re: Silly with VMS access via SSH
I did try renaming the announce file to .COM but that did not work, hence I moved on to the banner, which did.
It is not a huge problem, it it might be good if it was added to the documentation or release notes
Chris
It is not a huge problem, it it might be good if it was added to the documentation or release notes
Chris
--
Chris
Chris
-
- Master
- Posts: 201
- Joined: Fri Aug 14, 2020 11:31 am
- Reputation: 0
- Status: Offline
Re: Silly with VMS access via SSH
Maurizio,m_detommaso wrote: ↑Sat May 27, 2023 11:34 amIn my VMS x86-64 environment, announce method works; the only precaution is to create announce with file extension ".com" and not ".txt" (as I demonstrated in my previously post viewtopic.php?f=9&t=8703#p18790).
I honestly don't know if this should be considered a bug or not. In any case, VSI Engineering monitors this forum :)
sorry, but it's a bug !
See chapter 5.2.7.11 Creating Systemwide Announcements in
https://vmssoftware.com/docs/HP_OpenVMS ... l_Vol1.pdf
It should work with any 'text-containing file', whether it's file type is named .COM or .TXT, as it does for any other kind of interactive login.
Volker.
-
- Valued Contributor
- Posts: 79
- Joined: Thu Jun 06, 2019 6:57 am
- Reputation: 0
- Location: Brindisi (Italy)
- Status: Offline
- Contact:
Re: Silly with VMS access via SSH
Volker,
first of all, thank you for your feedback, I really appreciate.
We should consider that we are discussing the behavior of Open Source code developed for Linux environments and ported to VMS. Furthermore, the current version of VSI OpenSSH for VMS does not handle escape sequences if contained in the announce message; and the exact same behavior is also observable with the Process Software SSH code.
From a VMS perspective, should we consider these behaviors bugs or limitations specific to the open source code ?
I honestly don't know; however, VSI Engineering monitors these forums and will decide how to proceed; in the meantime I have provided two valid workarounds to the problem raised by Chris.
/Maurizio
first of all, thank you for your feedback, I really appreciate.
We should consider that we are discussing the behavior of Open Source code developed for Linux environments and ported to VMS. Furthermore, the current version of VSI OpenSSH for VMS does not handle escape sequences if contained in the announce message; and the exact same behavior is also observable with the Process Software SSH code.
From a VMS perspective, should we consider these behaviors bugs or limitations specific to the open source code ?
I honestly don't know; however, VSI Engineering monitors these forums and will decide how to proceed; in the meantime I have provided two valid workarounds to the problem raised by Chris.
/Maurizio