How understand some SSHD messages
-
Topic author - Contributor
- Posts: 10
- Joined: Mon Aug 05, 2024 11:13 am
- Reputation: 0
- Status: Offline
How understand some SSHD messages
Hello,
SSHD speaks to me using these words:
vms_add_login_msg failed
vms_update_sysuaf_valid_access
(I find them in the ssh$sshd.exe image)
Is it possible to known where and why SSHD speaks so? It is somewhere on a ssh login using x11 forwarding, but I suspect it's some subtle inter-configuration with sysuaf. Because we have not the sources, it is impossible to have any clue about that.
Thanks for the ideas.
SSHD speaks to me using these words:
vms_add_login_msg failed
vms_update_sysuaf_valid_access
(I find them in the ssh$sshd.exe image)
Is it possible to known where and why SSHD speaks so? It is somewhere on a ssh login using x11 forwarding, but I suspect it's some subtle inter-configuration with sysuaf. Because we have not the sources, it is impossible to have any clue about that.
Thanks for the ideas.
Re: How understand some SSHD messages
Code: Select all
> SSHD speaks to me using these words:
I don't know what that means.
Which version of SSHD?
> vms_add_login_msg failed
> vms_update_sysuaf_valid_access
>
> (I find them in the ssh$sshd.exe image)
Why do you care? Is there some actual problem which you are trying
to solve?
I know nothing, but VMS does keep records of successful logins in
SYS$SYSTEM:SYSUAF.DAT.
set default sys$system
pipe mcr authorize show system | search sys$input last
I would not be amazed if an SSHD for VMS had a VMS-specific function to
update those data.
I'd guess that "vms_add_login_msg" might be related to
SYS$MANAGER:WELCOME.TXT and/or the logical name SYS$WELCOME. But what
do I know?
-
Topic author - Contributor
- Posts: 10
- Joined: Mon Aug 05, 2024 11:13 am
- Reputation: 0
- Status: Offline
Re: How understand some SSHD messages
I know nothing, but VMS does keep records of successful logins in
SYS$SYSTEM:SYSUAF.DAT.
set default sys$system
pipe mcr authorize show system | search sys$input last
I would not be amazed if an SSHD for VMS had a VMS-specific function to
update those data.
I'd guess that "vms_add_login_msg" might be related to
SYS$MANAGER:WELCOME.TXT and/or the logical name SYS$WELCOME. But what
do I know?
Very good ideas.
But : the recording of the ssh login in authorize is ok.
and there is a normal welcome.txt
the exact log from sshd is:
vms_update_sysuaf_valid_access: vms_add_login_msg failed with status 0
So: what do we know?
SYS$SYSTEM:SYSUAF.DAT.
set default sys$system
pipe mcr authorize show system | search sys$input last
I would not be amazed if an SSHD for VMS had a VMS-specific function to
update those data.
I'd guess that "vms_add_login_msg" might be related to
SYS$MANAGER:WELCOME.TXT and/or the logical name SYS$WELCOME. But what
do I know?
Very good ideas.
But : the recording of the ssh login in authorize is ok.
and there is a normal welcome.txt
the exact log from sshd is:
vms_update_sysuaf_valid_access: vms_add_login_msg failed with status 0
So: what do we know?
Re: How understand some SSHD messages
Code: Select all
> So: what do we know?
All I have are negatives.
At least one of us seems to have no idea how to report a problem.
Among the things which I (and other non-psychics?) do not know:
What you are doing. Actual actions/commands. Actual
results/messages. Software versions (SSH client and server).
> the exact log from sshd is:
> [...]
Which log is that? When you did _what_?
> [...] Is there some actual problem which you are trying to solve?
Still a mystery. What, exactly, are you trying to do with SSH?
Remote login? Remote command? Is SSH not working as expected?
Authentication method? When you issue the (secret) command, what
(secret) things happen? Is the only problem the message in the log?
As usual, showing actual actions (commands) with their actual results
(behavior, error messages, ...) can be more helpful than vague (or
information-free) descriptions. Copy+paste is your friend.
How much time do you expect anyone to waste trying to guess what
you're doing/seeing?
If there is some actual SSH problem, then adding one or more "-v"
options to the SSH command might provide some helpful information.
Last edited by sms on Wed Sep 25, 2024 6:35 pm, edited 1 time in total.
-
Topic author - Contributor
- Posts: 10
- Joined: Mon Aug 05, 2024 11:13 am
- Reputation: 0
- Status: Offline
Re: How understand some SSHD messages
I didn't want to disturb.
Action : login ssh from putty on windows
log :
$ type ssh$root:[var]x881_192_168_1_53_0000043a.log
Accepted password for system from 192.168.1.53 port 0 ssh2
vms_update_sysuaf_valid_access: vms_add_login_msg failed with status 0
$ product sho product openssh/full
------------------------------------ ----------- --------- ------------------------------------ ------------------------------------
PRODUCT KIT TYPE STATE MAINTENANCE REFERENCED BY
------------------------------------ ----------- --------- ------------------------------------ ------------------------------------
VSI X86VMS OPENSSH V8.9-1H01 Full LP Installed VSI X86VMS OPENVMS E9.2-3
------------------------------------ ----------- --------- ------------------------------------ ------------------------------------
Why do I want to connect with ssh? ->
I try to use the new feature x11 forwarding
I tried it on another platform where I installed only the new version of openssh to try it
In this other platform something is ok: if I say on putty ok to x11 forwarding, on VMS and if a do a $ set display there is a display automaticly created. But there is a problem with authentication operations. I read on this forum that the problem could be resolved with the last version of VMS and in it DECWINDOWS.
I installed the last VMS version on another platform. And I have the problem you can see ont the login log. And the display is not created.
I thought it wasn't a decwindow and authorisation issue, just something that goes wrong before x11 forwarding can do something.
To prove that I tried a ssh connection without x11 forwarding to see if I get the same loging log.
And yes, same problem - you see the log.
Because the configuration on this second platform is very the same as in the first one, I want to understand what is the cause on the problem before continuing my tests.
I can read programs. If I had sources of the openssh port (or a crystal ball) we'd waste a lot less time
Thank you for the help
Action : login ssh from putty on windows
log :
$ type ssh$root:[var]x881_192_168_1_53_0000043a.log
Accepted password for system from 192.168.1.53 port 0 ssh2
vms_update_sysuaf_valid_access: vms_add_login_msg failed with status 0
$ product sho product openssh/full
------------------------------------ ----------- --------- ------------------------------------ ------------------------------------
PRODUCT KIT TYPE STATE MAINTENANCE REFERENCED BY
------------------------------------ ----------- --------- ------------------------------------ ------------------------------------
VSI X86VMS OPENSSH V8.9-1H01 Full LP Installed VSI X86VMS OPENVMS E9.2-3
------------------------------------ ----------- --------- ------------------------------------ ------------------------------------
Why do I want to connect with ssh? ->
I try to use the new feature x11 forwarding
I tried it on another platform where I installed only the new version of openssh to try it
In this other platform something is ok: if I say on putty ok to x11 forwarding, on VMS and if a do a $ set display there is a display automaticly created. But there is a problem with authentication operations. I read on this forum that the problem could be resolved with the last version of VMS and in it DECWINDOWS.
I installed the last VMS version on another platform. And I have the problem you can see ont the login log. And the display is not created.
I thought it wasn't a decwindow and authorisation issue, just something that goes wrong before x11 forwarding can do something.
To prove that I tried a ssh connection without x11 forwarding to see if I get the same loging log.
And yes, same problem - you see the log.
Because the configuration on this second platform is very the same as in the first one, I want to understand what is the cause on the problem before continuing my tests.
I can read programs. If I had sources of the openssh port (or a crystal ball) we'd waste a lot less time
Thank you for the help
-
- Contributor
- Posts: 19
- Joined: Wed May 29, 2024 10:29 am
- Reputation: 0
- Location: Australia
- Status: Offline
- Contact:
Re: How understand some SSHD messages
Interesting...
I have the same issue:
Putty
ubuntu
X11 X display location: localhost:0.0
MIT-Magic-Cookie-1: .Xauthority
vms
X11 X display location: localhost:0.0
MIT-Magic-Cookie-1: .Xauthority
X11 server Cygwin on Windows 11
Ubuntu
> echo $DISPLAY
localhost:10.0
> xcalc
displays as expected
vms
> show display
Device: WSA32: [user]
Node: vms0.tssolutions.com.au
Transport: TCPIP
Server: 10
Screen: 0
> mcr decw$calc
Xlib: connection to "_WSA32:" refused by server
Xlib: PuTTY X11 proxy: No authorisation provided
X Toolkit Error: Can't Open display
%DWT-F-NOMSG, Message number 03AB8204
product sho product openssh/full
------------------------------------ ----------- --------- ---------------------
--------------- ------------------------------------
PRODUCT KIT TYPE STATE MAINTENANCE
REFERENCED BY
------------------------------------ ----------- --------- ---------------------
--------------- ------------------------------------
VSI X86VMS OPENSSH V8.9-1I01 Full LP Installed
VSI X86VMS OPENVMS V9.2-2
------------------------------------ ----------- --------- ---------------------
--------------- ------------------------------------
So it looks like there is an issue with the X11 tunnel implementation. Can only assume it is a handshaking issue.
I have the same issue:
Putty
ubuntu
X11 X display location: localhost:0.0
MIT-Magic-Cookie-1: .Xauthority
vms
X11 X display location: localhost:0.0
MIT-Magic-Cookie-1: .Xauthority
X11 server Cygwin on Windows 11
Ubuntu
> echo $DISPLAY
localhost:10.0
> xcalc
displays as expected
vms
> show display
Device: WSA32: [user]
Node: vms0.tssolutions.com.au
Transport: TCPIP
Server: 10
Screen: 0
> mcr decw$calc
Xlib: connection to "_WSA32:" refused by server
Xlib: PuTTY X11 proxy: No authorisation provided
X Toolkit Error: Can't Open display
%DWT-F-NOMSG, Message number 03AB8204
product sho product openssh/full
------------------------------------ ----------- --------- ---------------------
--------------- ------------------------------------
PRODUCT KIT TYPE STATE MAINTENANCE
REFERENCED BY
------------------------------------ ----------- --------- ---------------------
--------------- ------------------------------------
VSI X86VMS OPENSSH V8.9-1I01 Full LP Installed
VSI X86VMS OPENVMS V9.2-2
------------------------------------ ----------- --------- ---------------------
--------------- ------------------------------------
So it looks like there is an issue with the X11 tunnel implementation. Can only assume it is a handshaking issue.
gt
VMS Ambassador
Downunder
VMS Ambassador
Downunder
-
- Master
- Posts: 201
- Joined: Sat Aug 15, 2020 9:00 am
- Reputation: 0
- Location: Cambridge, UK
- Status: Offline
Re: How understand some SSHD messages
Interesting.
I haven't yet upgraded to the latest SSH. - holding off until the of the problems have been fixed
I run VMS under KVM and use PuTTY from both Windows, and Ubuntu, and have never had any issues.
Admittedly, I haven't tried to use X, as I have only ever used it on an Alpha console, and earlier on a VXT using an Infoserver and VAX VMS 6.3 - both fairly disappointing
I haven't yet upgraded to the latest SSH. - holding off until the of the problems have been fixed
I run VMS under KVM and use PuTTY from both Windows, and Ubuntu, and have never had any issues.
Admittedly, I haven't tried to use X, as I have only ever used it on an Alpha console, and earlier on a VXT using an Infoserver and VAX VMS 6.3 - both fairly disappointing
--
Chris
Chris