Setup Troubles with SSH

Here you can discuss the universal Integrated Development Environment for OpenVMS.

Topic author
cgoodwin
Contributor
Posts: 15
Joined: Wed Aug 21, 2019 8:43 am
Reputation: 0
Status: Offline

Setup Troubles with SSH

Post by cgoodwin » Wed Aug 21, 2019 9:01 am

I am having some troubles setting up the VMS IDE in VS Code and am hoping someone here might know what is going on. Specifically, my issue lies when trying to set up the ssh connection. I followed the instructions as per the wiki, and want to use password authentication, not a key file. My settings for now are as follows:

Code: Select all

{
    "connection": {
        "host": "my.host.com",
        "keyFile": "",
        "password": "myPassword",
        "port": myport,
        "username": "myUsername",
        "skipSignatureVerification": false
    },
    "host-collection": {
        "hosts": []
    },
    "timeouts": {
        "cmdTimeout": 0,
        "feedbackTimeout": 0,
        "welcomeTimeout": 0
    },
    "terminal": {
        "command": "ssh -oHostKeyAlgorithms=+ssh-dss ${keyFile?-i ${keyFile}} ${username?${username}@}${host}"
    }
}
I Ctrl+F6 to run the terminal but I get 2 errors:
error: Bad protocol 2 host key algorithms '+ssh-dss'.
error: Invalid command line -o option 'HostKeyAlgorithms'
I have spent the past couple of days trying various solutions but almost all of them have just led to additional issues, so I decided to 'restart' back at the beginning with this initial problem. Any and all help would be greatly appreciated :D


sergey_vorfolomeev
VSI Expert
Valued Contributor
Posts: 99
Joined: Thu Aug 22, 2019 12:17 am
Reputation: 0
Status: Offline

Re: Setup Troubles with SSH

Post by sergey_vorfolomeev » Thu Aug 22, 2019 12:20 am

The SSH command depends on your OS and the SSH client installed. Try removing the '+'character:

Code: Select all

ssh -oHostKeyAlgorithms=ssh-dss ${keyFile?-i ${keyFile}} ${username?${username}@}${host}
Last edited by sergey_vorfolomeev on Thu Aug 22, 2019 12:21 am, edited 1 time in total.


Topic author
cgoodwin
Contributor
Posts: 15
Joined: Wed Aug 21, 2019 8:43 am
Reputation: 0
Status: Offline

Re: Setup Troubles with SSH

Post by cgoodwin » Thu Aug 22, 2019 8:47 am

Thanks for the suggestion! I am on Windows 10 and the ssh -V returns the following:

Code: Select all

Reflection_16.0.53, SSH protocols 1.5/2.0, OpenSSL 1.0.1q 3 Dec 2015
I removed the + as you had suggested (as well as added #${port} at the end of the command), which did get me past those errors, however, now I have a new issue that I had ran into earlier on in my testing and couldn't get past.

Code: Select all

error: Identification exchange error on read: Connection closed by remote host
I did the verbose debug and it returned the following:

Code: Select all

2019-08-22  8:38:07:392 debug1: Identification exchange received and ignored:  Welcome to HP OpenVMS Industry Standard 64 Operating System, V8.4


2019-08-22  8:38:07:397 debug1: Identification exchange received and ignored:


2019-08-22  8:38:12:874 debug1: Identification exchange received and ignored:
Username:


2019-08-22  8:38:12:876 debug1: Identification exchange received and ignored: Error reading command input


error: Identification exchange error on read: Connection closed by remote host
It hangs at the username for a few seconds then times out (probably due to our OpenVMS authentication timeout settings). It's as if it is not passing the username to the field and it ignores the identification exchange, which prevents me from being able to just type it in. I am not sure where to go from here.
Last edited by cgoodwin on Thu Aug 22, 2019 8:47 am, edited 1 time in total.


sergey_vorfolomeev
VSI Expert
Valued Contributor
Posts: 99
Joined: Thu Aug 22, 2019 12:17 am
Reputation: 0
Status: Offline

Re: Setup Troubles with SSH

Post by sergey_vorfolomeev » Thu Aug 22, 2019 11:54 pm

My ssh version is:

Code: Select all

OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5 
Can you display all from integrated terminal after pressing Ctrl-F6? Like (of course, you shouldn't display passwords 8-) ):

Code: Select all

Windows PowerShell
(C) Корпорация Майкрософт (Microsoft Corporation). Все права защищены.

Попробуйте новую кроссплатформенную оболочку PowerShell (https://aka.ms/pscore6)

PS D:\WRK\openvms\java\java> ssh -oHostKeyAlgorithms=+ssh-dss -i h:/.ssh/sv01 vorfolomeev@10.11.108.21

 Welcome to VMS Software, Inc. OpenVMS (TM) IA64 Operating System, V8.4-2



    *****************************************************
    *                                                   *
    *                   Welcome                         *
    *                                                   *
    *       Unauthorized Access is Prohibited!          *
    *                                                   *
    *        VMS Software Inc. - CONFIDENTIAL           *
    *                                                   *
    *****************************************************




    Last interactive login on Thursday, 22-AUG-2019 23:42:31.01    
    Last non-interactive login on Thursday, 22-AUG-2019 07:10:27.86
 TAZAWA>            
Or just only command:

Code: Select all

ssh -oHostKeyAlgorithms=+ssh-dss -i h:/.ssh/sv01 vorfolomeev@10.11.108.21

User avatar

martinv
Master
Posts: 102
Joined: Fri Jun 14, 2019 11:05 pm
Reputation: 0
Location: Goslar, Germany
Status: Offline
Contact:

Re: Setup Troubles with SSH

Post by martinv » Fri Aug 23, 2019 6:48 am

The identification exchange you posted looks like an interactive (telnet) login process to me. That is, you're connecting to port 23 instead of 22 (or whatever port your SSH server is configured to use).

NB: Windows 10 (version 1803) comes with an integrated SSH utility, which most likely has a more recent implementation of the protocol. On my system, it reports

Code: Select all

OpenSSH_for_Windows_7.6p1, LibreSSL 2.6.4
.
Working hard for something we don't care about is called stress;
working hard for something we love is called passion.
(Simon Sinek)


Topic author
cgoodwin
Contributor
Posts: 15
Joined: Wed Aug 21, 2019 8:43 am
Reputation: 0
Status: Offline

Re: Setup Troubles with SSH

Post by cgoodwin » Wed Aug 28, 2019 1:47 pm

martinv wrote:
Fri Aug 23, 2019 6:48 am
The identification exchange you posted looks like an interactive (telnet) login process to me. That is, you're connecting to port 23 instead of 22 (or whatever port your SSH server is configured to use).

NB: Windows 10 (version 1803) comes with an integrated SSH utility, which most likely has a more recent implementation of the protocol. On my system, it reports

Code: Select all

OpenSSH_for_Windows_7.6p1, LibreSSL 2.6.4
.
Thanks; you were right! I was connecting to the telnet port, not the SSH port.

Added in 2 hours 4 minutes :
Ok, so everything seems to work when I Ctrl+F6 to run the console: I connect and can even navigate my VMS system in the terminal. However, when I try to run the command '>VMS-IDE: Synchronize project files with VMS', I get the following response:

Code: Select all

client error: Error: Handshake failed: no matching client->server cipher
Synchronizing ok [server_name]
If I had to guess, I'd say that the issue lies in '-oHostKeyAlgorithms=ssh-dss ${keyFile?-i ${keyFile}}' but I'm not really sure what I need to do to change the cipher (or if that even is what I need to do). Any ideas?
Last edited by cgoodwin on Wed Aug 28, 2019 3:52 pm, edited 2 times in total.

User avatar

martinv
Master
Posts: 102
Joined: Fri Jun 14, 2019 11:05 pm
Reputation: 0
Location: Goslar, Germany
Status: Offline
Contact:

Re: Setup Troubles with SSH

Post by martinv » Wed Aug 28, 2019 4:17 pm

I've seen recommendations to use

Code: Select all

-o HostKeyAlgorithms=ssh-rsa,ssh-dss -o KexAlgorithms=diffie-hellman-group1-sha1 -o Ciphers=aes128-cbc,3des-cbc -o MACs=hmac-md5,hmac-sha1
with VMS' TCP/IP stack (and older iLO 2 systems).

FWIW: You didn't mention the VMS or TCPIP version of the machine you're trying to communicate with. For TCP/IP Services 5.7, there's an ECO 5G that expands the list of algorithms and ciphers by some more recent ones. Unfortunately, it's not publicly available. You'd have to have a support contract and issue a support request.
Working hard for something we don't care about is called stress;
working hard for something we love is called passion.
(Simon Sinek)


sergey_vorfolomeev
VSI Expert
Valued Contributor
Posts: 99
Joined: Thu Aug 22, 2019 12:17 am
Reputation: 0
Status: Offline

Re: Setup Troubles with SSH

Post by sergey_vorfolomeev » Fri Aug 30, 2019 4:22 am

Please, don't mix the SSH shell and Synchronization. VMS IDE just runs SSH client installed on your PC and pass some parameters to command string.
Synchronization is done inside extension. It seems we have to add 'algorithms' into our settings...
PS: https://www.openssh.com/legacy.html
Last edited by sergey_vorfolomeev on Fri Aug 30, 2019 6:36 am, edited 1 time in total.


Topic author
cgoodwin
Contributor
Posts: 15
Joined: Wed Aug 21, 2019 8:43 am
Reputation: 0
Status: Offline

Re: Setup Troubles with SSH

Post by cgoodwin » Fri Aug 30, 2019 9:31 am

sergey_vorfolomeev wrote:
Fri Aug 30, 2019 4:22 am
Please, don't mix the SSH shell and Synchronization. VMS IDE just runs SSH client installed on your PC and pass some parameters to command string.
Synchronization is done inside extension. It seems we have to add 'algorithms' into our settings...
PS: https://www.openssh.com/legacy.html
That would explain why when I change my SSH command to include more ciphers, it doesn't seem to do anything, yet it works when just running the terminal with Ctrl+F6 :idea: I guess then the only option is for us to wait then in order to use the synchronization functionality for the VMS IDE.


sergey_vorfolomeev
VSI Expert
Valued Contributor
Posts: 99
Joined: Thu Aug 22, 2019 12:17 am
Reputation: 0
Status: Offline

Re: Setup Troubles with SSH

Post by sergey_vorfolomeev » Wed Sep 11, 2019 4:04 am

SSH setting algorithms is added in v1.2.6 https://wiki.vmssoftware.com/SSH_Settings
Last edited by marty.stu on Wed Sep 11, 2019 4:19 am, edited 1 time in total.

Post Reply