INFO-VAX Mon, 28 Apr 2008 Volume 2008 : Issue 237
Contents:
Re: 8.3 Alpha Upgrade Tips
Re: 8.3 Alpha Upgrade Tips
DEC-BASIC Capablities
Re: DEC-BASIC Capablities
Re: DEC-BASIC Capablities
Re: DEC-BASIC Capablities
Re: DEC-BASIC Capablities
Odd backup corruption
Re: scripting a telnet session to VMS
Re: scripting a telnet session to VMS
ssh hostkey file location
Re: ssh hostkey file location
Re: ssh hostkey file location
Re: ssh hostkey file location
Re: ssh hostkey file location
Re: ssh hostkey file location
Re: Time synchronization
----------------------------------------------------------------------
Date: Mon, 28 Apr 2008 10:15:10 +0100
From: Mike <spamtrap@example.com>
Subject: Re: 8.3 Alpha Upgrade Tips
Message-ID: <alpine.SOC.1.00.0804280953580.28309@pbfzbf.gry.pb.hx>
On Sun, 27 Apr 2008, bradhamilton wrote:
> Mike wrote:
>> Upgrading from Alpha 7.3 to 8.3... any special hints/tips?
>>
> Without knowing any more detail about your environment, I would take the
> "virgin" DS10L and do a fresh V8.3 install on it.
Hi Brad, but which type of install - standalone/non-clustered/clustered?
>
> Your post implies that there is another Alpha system with some version of
> V7.3-N.
The existing DS10L, the "live" referred to, is running 7.3 period and
7.3 to 8.3 is not a supported migration pair.
> If N=2, I *think* you can cluster the two systems without difficulty,
> and then upgrade to V8.3 at your leisure
The virgin DS10L will be 7.3..7.3-2 so could conceivably be clustered
to the existing live one running 7.3 but would defeat the object of
making use of an intermediate non-live system to go from 7.3 to 8.3.
Rephrasing the original question, if you had a choice, would you
upgrade 7.3 to 8.3 (possibly requiring an intermediate upgrade) or
re-build live onto 8.3?
> (or alternatively, create another system root on the DS10L system disk,
> and boot the other machine into that root, ..
The disks aren't big, 9GB COMPAQ BB009222B5s, albeit only 1/3 full, but
would prefer a less risky strategy. Julie Altswitch detailed a cloned
If using a second disk made it so much easier, I'd certainly consider it,
though it's not like the capacity's actually needed.
> My suppositions assume that you might have "other" disks on the systems,
> and have segregated your applications and their associated data from
> the system disks. If the system disks are the only disks, your task
> becomes more complicated, but still possible. Different approaches
> might be needed, depending on your scheme.
Exactly, which is why I'm asking here to seek the benefit of experience.
Each DS10L is single-disked with the OS and "applications" co-resident.
Its probably more trouble than its worth to migrate the freeware, and
the approach taken recently on another OS upgrade was simply to install
new packages of the freeware onto the new box running the later OS.
There's only one licenced app to truly migrate 7.3 to 8.3, but even that
will be a reinstall. Data is elsewhere...
I put-off the other-OS upgrade untill I had a spare, intermediate, box
and used the fresh install migrate stuff over approach which never
involves actually doing an OS upgrade. I found I abused the leisurely
approach it makes possible. The last 10% of stuff on old "live" never
got migrated so the old "live" still hasn't been switched off, wiped,
been given a fresh install of the latest OS and made a spare/test - an
approach advocated here in c.o.v. recently. With the other OS, the
"upgrade" was a migration to bigger hardware running a fresh install of
the later OS. Here, both boxes are identical which is why I raised the
additional question/complication of clustering. Its not a "must-have".
Certainly processing power is not an issue. Resilience/redundancy is.
------------------------------
Date: Mon, 28 Apr 2008 16:40:31 GMT
From: =?ISO-8859-1?Q?Jan-Erik_S=F6derholm?=
Subject: Re: 8.3 Alpha Upgrade Tips
Message-ID: <36nRj.6680$R_4.5297@newsb.telia.net>
Mike wrote:
> Rephrasing the original question, if you had a choice, would you
> upgrade 7.3 to 8.3 (possibly requiring an intermediate upgrade) or
> re-build live onto 8.3?
That's highly dependant on what's on the sys-disk !
Note that by doing an "Upgrade" you keep not only
any applications on the disk, but also all users,
queues and other OS-setups.
*I* would probably do two upgrades (if needed, and if
I had access to the medias needed).
If it was an newly installed never-used 7.3 system,
that one could just install 8.3 over it.
Jan-Erik.
------------------------------
Date: Mon, 28 Apr 2008 07:21:34 -0700 (PDT)
From: Steve Pisani <Steve.Pisani@intersystems.com>
Subject: DEC-BASIC Capablities
Message-ID: <60abd1e3-674d-452f-ad33-2e0ffa83907b@y38g2000hsy.googlegroups.com>
Hi,
I'm relatively new to this environment, so I'm hoping to get some info
from this forum.
On one side I have an application running on OpenVMS written in DEC-
BASIC which maintains RMS files.
On the other side I have a relational DB (Cache from InterSystems)
The relational DB allows me to extract/update information into it via
a number of methods, namely, via ODBC calls, or programs written in C,
C++, Java, .NET... and other technologies.
The task is to modify the DEC-BASIC information such that I can send
data to the relational Database. Whilst I know the capabilities
afforded to me by the rdbms side, I do not knwo what capabilities DEC-
BASIC has.
so -
1/ Does DEC-BASIC have commands that allow me to make ODBC calls ? If
so - what do I need to set this up?
2/ Can a DEC-BASIC program call a C++ program ? If so - does this need
to be "linked" in with the BASIC object.
3/ Can a DEC-BASIC program call a Java program ?
Any feedback appreciated..
Thanks
Steve
------------------------------
Date: Mon, 28 Apr 2008 11:46:04 -0400
From: "Richard B. Gilbert" <rgilbert88@comcast.net>
Subject: Re: DEC-BASIC Capablities
Message-ID: <huudnSHu_IvxbIjVnZ2dnUVZ_oSunZ2d@comcast.com>
Steve Pisani wrote:
> Hi,
>
> I'm relatively new to this environment, so I'm hoping to get some info
> from this forum.
>
> On one side I have an application running on OpenVMS written in DEC-
> BASIC which maintains RMS files.
> On the other side I have a relational DB (Cache from InterSystems)
>
> The relational DB allows me to extract/update information into it via
> a number of methods, namely, via ODBC calls, or programs written in C,
> C++, Java, .NET... and other technologies.
>
> The task is to modify the DEC-BASIC information such that I can send
> data to the relational Database. Whilst I know the capabilities
> afforded to me by the rdbms side, I do not knwo what capabilities DEC-
> BASIC has.
>
> so -
>
> 1/ Does DEC-BASIC have commands that allow me to make ODBC calls ? If
> so - what do I need to set this up?
Yes. Just call your ODBC routine as you would any other BASIC
subroutine. You will need to link with the library containing it.
Never done it. You may need to tell the linker where to find it.
> 2/ Can a DEC-BASIC program call a C++ program ?
Yes
> If so - does this need
> to be "linked" in with the BASIC object.
Yes.
> 3/ Can a DEC-BASIC program call a Java program ?
I don't think so but I'm not really an expert on anything to do with
Java. You would probably have to call LIB$SPAWN to create a process to
run the Java interpreter.
------------------------------
Date: Mon, 28 Apr 2008 16:16:28 GMT
From: =?ISO-8859-1?Q?Jan-Erik_S=F6derholm?=
Subject: Re: DEC-BASIC Capablities
Message-ID: <wLmRj.6678$R_4.5391@newsb.telia.net>
Steve Pisani wrote:
> Hi,
>
> I'm relatively new to this environment, so I'm hoping to get some info
> from this forum.
>
> On one side...
What is a "side" ???
> I have an application running on OpenVMS written in DEC-
> BASIC which maintains RMS files.
> On the other side I have a relational DB (Cache from InterSystems)
>
> The relational DB allows me to extract/update information into it via
> a number of methods, namely, via ODBC calls, or programs written in C,
> C++, Java, .NET... and other technologies.
>
> The task is to modify the DEC-BASIC information...
Are you talking about the RMS files ?
That isn't "DEC-BASIC information" as such, it just
RMS files...
> such that I can send
> data to the relational Database. Whilst I know the capabilities
> afforded to me by the rdbms side, I do not knwo what capabilities DEC-
> BASIC has.
>
> so -
>
> 1/ Does DEC-BASIC have commands that allow me to make ODBC calls ? If
> so - what do I need to set this up?
Are you talking about ODBC calls from say a Windows environment ?
Or local ODBC calls on the VMS system ?
There is (was?) some kind of driver that would let you
make ODBC calls from a PC to RMS files just as to any
other "database". It *might* have been throught the
"Transparent Gateway For RMS" that once was part of Rdb.
I think that you should have less focus on DEC-BASIC and
look closer at your RMS files instead.
Is this a one-time conversion ? Or what functionality
do you need? Transactions? 2PC between RMS and Caché?
Jan-Erik.
> 2/ Can a DEC-BASIC program call a C++ program ? If so - does this need
> to be "linked" in with the BASIC object.
> 3/ Can a DEC-BASIC program call a Java program ?
>
> Any feedback appreciated..
>
> Thanks
>
> Steve
------------------------------
Date: Mon, 28 Apr 2008 09:38:20 -0700 (PDT)
From: k.rollman@gmail.com
Subject: Re: DEC-BASIC Capablities
Message-ID: <778014a8-c77a-40ef-bccf-28e40a6cdcc6@c58g2000hsc.googlegroups.com>
On Apr 28, 8:21 am, Steve Pisani <Steve.Pis...@intersystems.com>
wrote:
> Hi,
>
> I'm relatively new to this environment, so I'm hoping to get some info
> from this forum.
>
> On one side I have an application running on OpenVMS written in DEC-
> BASIC which maintains RMS files.
> On the other side I have a relational DB (Cache from InterSystems)
>
> The relational DB allows me to extract/update information into it via
> a number of methods, namely, via ODBC calls, or programs written in C,
> C++, Java, .NET... and other technologies.
>
> The task is to modify the DEC-BASIC information such that I can send
> data to the relational Database. Whilst I know the capabilities
> afforded to me by the rdbms side, I do not knwo what capabilities DEC-
> BASIC has.
>
> so -
>
> 1/ Does DEC-BASIC have commands that allow me to make ODBC calls ? If
> so - what do I need to set this up?
No, at least not natively. There may be some third party software
available that gives the capability.
> 2/ Can a DEC-BASIC program call a C++ program ? If so - does this need
> to be "linked" in with the BASIC object.
Yes. You can CHAIN to another program, or call modules written in c/c+
+. See http://h71000.www7.hp.com/doc/82final/5973/5973PRO.HTML.
> 3/ Can a DEC-BASIC program call a Java program ?
Yes. See answer to 1. If you are going to call JAVA modules, you
will need to write c/c++ wrapper(s) to expose the JAVA functions in a
way Basic can pass any arguments needed. With the WSIT toolkit you
can go JAVA->Basic, but the last time I looked at it, it did not
provide any help going the other way.
------------------------------
Date: 28 Apr 2008 13:20:42 -0500
From: koehler@eisner.nospam.encompasserve.org (Bob Koehler)
Subject: Re: DEC-BASIC Capablities
Message-ID: <kXdU8c9moF02@eisner.encompasserve.org>
In article <60abd1e3-674d-452f-ad33-2e0ffa83907b@y38g2000hsy.googlegroups.com>, Steve Pisani <Steve.Pisani@intersystems.com> writes:
>
> 1/ Does DEC-BASIC have commands that allow me to make ODBC calls ? If
> so - what do I need to set this up?
I might be possible that the ODBC API was written in such a way as
not to be directly callable form BASIC, but I doubt it.
> 2/ Can a DEC-BASIC program call a C++ program ? If so - does this need
> to be "linked" in with the BASIC object.
Yes, you can mix all native languages on VMS. All the objects must
be linked together no matter what language(s) the source is in.
> 3/ Can a DEC-BASIC program call a Java program ?
Yes. The JNI for calling Java from native languages and the tools
that support it are for C, but you can interface between C and BASIC.
What you won't find is the tools or API definitions for working
directly in BASIC.
There is a VMS document on modular programming, and sections of each
compiler's Users Guide which will help you with everything except
the JNI. The JNI documentation is downloadable with the JDK documnetion.
------------------------------
Date: Mon, 28 Apr 2008 16:01:06 +0100
From: Tom Wade <nospam@picard.eurokom.ie>
Subject: Odd backup corruption
Message-ID: <QElRj.25217$j7.467250@news.indigo.ie>
Greetings,
I've seen the following bizarre situation with BACKUP on an Alpha PS 433au.
OpenVMS7.3-2 with UPDATE 12 (which includes BACKUP 7).
$ copy temp-input.ps temp-copy.ps
$ diff temp-input.ps temp-copy.ps
Number of difference sections found: 0
Number of difference records found: 0
DIFFERENCES /IGNORE=()/MERGED=1-
DKA0:[TEMP]TEMP-INPUT.PS;1-
DKA0:[TEMP]TEMP-COPY.PS;2
SO far so good. Similar result for CONVERT. Now for BACKUP
$ backup temp-input.ps temp-backup.ps
$ diff temp-input.ps temp-backup.ps
File DKA0:[TEMP]TEMP-INPUT.PS;1
119 GetPageDeviceName @ type @/nametype ne ~/stringtype ne
and{!/none}if(.)5
120 -1 1{^ length add}for string 6 1 $ 5 ^ 5{~ 1 ^ cvs length 1 ^
length 1 ^
******
File DKA0:[TEMP]TEMP-BACKUP.PS;1
119 GetPageD @/nametype ne ~/stringtype ne and{!/none}if(.)5
120 -1 1{^ length add}for string 6 1 $ 5 ^ 5{~ 1 ^ cvs length 1 ^
length 1 ^
************
************
File DKA0:[TEMP]TEMP-INPUT.PS;1
300 ex cy flipXY -1 eq {exch} if itransform pop
301 x2 sub /eShift exch def
******
File DKA0:[TEMP]TEMP-BACKUP.PS;1
300 eeviceName @ typeq {exch} if itransform pop
301 x2 sub /eShift exch def
************
%DIFF-F-READERR, error reading DKA0:[TEMP]TEMP-BACKUP.PS;1
-RMS-W-RTB, 26988 byte record too large for user's buffer
The file produced is the same size, and has the same RMS attributes
File Organization: sequential
Record Format: variable
Record Attributes: carriage-return
Maximum Record Size: 0
Longest Record: 153
Blocks Allocated: 600, Default Extend Size: 0
End-of-File VBN: 542, Offset: %X'008A'
File Monitoring: disabled
File Length Hint (Record Count): -1 (invalid)
File Length Hint (Data Byte Count): -1 (invalid)
Global Buffer Count: 0
However, the file is corrupted.
I also noticed the following:
1. The problem arises when trying to copy a file (as above), or
extracting a file from a Backup saveset. Writing a backup saveset is
OK, as I can move the newly created saveset to another machine, and
unpack the file successfully there.
2. The problem occurs irrespective of which disk (there are two) is used.
3. I tried copying over the BACKUP.EXE and BACKUPSHR.EXE from another
7.3-2 machine (with UPDATE 4) and the same thing happens. The problem
does not occur on this second machine (I remembered to INSTALL REPLACE).
4. SHOW ERROR produces NOERRORS (no device errors found).
I am somewhat perplexed. Silent corruption from BACKUP is not something
I would have expected.
Has anyone seen anything like this ?
---------------------------------------------------------
Tom Wade | EMail: tee dot wade at eurokom dot ie
EuroKom | Tel: +353 (1) 296-9696
A2, Nutgrove Office Park | Fax: +353 (1) 296-9697
Rathfarnham | Disclaimer: This is not a disclaimer
Dublin 14 | Tip: "Friends don't let friends do Unix !"
Ireland
------------------------------
Date: Mon, 28 Apr 2008 14:09:14 +0000 (UTC)
From: david20@alpha2.mdx.ac.uk
Subject: Re: scripting a telnet session to VMS
Message-ID: <fv4lqa$kft$1@south.jnrs.ja.net>
In article <4814d72c$0$90263$14726298@news.sunsite.dk>, =?ISO-8859-1?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk> writes:
>david20@alpha2.mdx.ac.uk wrote:
>> In article <480169ae$0$90272$14726298@news.sunsite.dk>, =?ISO-8859-1?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk> writes:
>>> david20@alpha1.mdx.ac.uk wrote:
>>>> In article <47ec1994$0$90276$14726298@news.sunsite.dk>, =?ISO-8859-1?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk> writes:
>>>>> VAXman- @SendSpamHere.ORG wrote:
>>>>>> Cygwin is a Weendoze terminal emulator?
>>>>> Cygwin is a *nix shell + utilities + libraries for Windows.
>>>>>
>>>>>> I can't believe you'd be so lax
>>>>>> with system security to have username and password to a VMS machine hard-
>>>>>> coded into a script that any hacker who gets into the Weendoze box could
>>>>>> exploit.
>>>>> The risk of hacking is probably lower than for most OS'es.
>>>>>
>>>> Well I suppose you could argue that there are so many unpatched badly mismanaged
>>>> Windows systems out there that you have to be unlucky for someone to pick on
>>>> your machine to hack into.
>>> Most desktop Windows systems are not running a
>>> telnet/FTP/SSH/HTTP/whatever server.
>>>
>>> As a result they are for all practical purposes never hacked.
>>>
>> Lots of malware opens up backdoor ports and some of those run public-domain
>> ftp server software on those ports.
>
>That is not hacking unless the malware is targeted against a
>specific PC.
>
I've seen tons of desktop "classroom" PCs which were infected with backdoor
programs by students so that they could show off by ejecting the CD or
controlling the machine in some otherway remotely. These were definitely
targeted at the machines in those particular classrooms and used programs such
as B02K, Sub7 etc etc
That was obviously sometime ago and those particular backdoors would be picked
up by modern anti-virus scanners. We also put in place software which resets
the classroom PCs back to a default state on reboot which rather reduced the
period during which such tricks could be played hence the students haven't been
bothering with that for a while.
From a hacker perspective installing a RAT on a user's PC and recording his
keystrokes whilst he logs in through the company firewall would definitely
be a better option than directly attacking the firewall.
>> Also wormable vulnerabilities (ie those where no user intervention is
>> necessary and the patch states that it may allow remote code execution
>> are just as vulnerable to hackers as they are to having a worm written
>> for them).
>
>Sure.
>
>It is definitely possible. But it just never seems to happen in
>real life.
>
Just because you haven't heard of it happening does mean that it never
happens.
As referred to above a user's desktop PC may be a great route for hacking other
systems.
There have also been a number of cases where after a court case involving
pornography the defendent has been declared innocent since the computer
involved had backdoor programs installed on it which could have been used to
plant the pictures.
"A landmark trial recently found that illegal pornography had been placed on an
innocent man's computer by a trojan program..."
From
BEWARE TROJAN'S BEARING GIFS by NEIL BARRETT, IT WEKK 03 JUN 2003
Mark Rasch of SecurityFocus has pointed out
"In late December 2003, companies around the world began to report a new kind
of cyber-attack that had been apparently going on for about a year. Cyber
extortionists (reportedly from Eastern Europe) threatened to "plant" child
pornography on their computers and then call the cops if they didn't agree to
pay a small fee."
David Webb
Security team leader
CCSS
Middlesex University
>Arne
------------------------------
Date: Mon, 28 Apr 2008 15:20:15 +0000 (UTC)
From: david20@alpha2.mdx.ac.uk
Subject: Re: scripting a telnet session to VMS
Message-ID: <fv4pvf$lqp$1@south.jnrs.ja.net>
In article <fv4lqa$kft$1@south.jnrs.ja.net>, david20@alpha2.mdx.ac.uk writes:
>In article <4814d72c$0$90263$14726298@news.sunsite.dk>, =?ISO-8859-1?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk> writes:
>>david20@alpha2.mdx.ac.uk wrote:
>>> In article <480169ae$0$90272$14726298@news.sunsite.dk>, =?ISO-8859-1?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk> writes:
>>>> david20@alpha1.mdx.ac.uk wrote:
>>>>> In article <47ec1994$0$90276$14726298@news.sunsite.dk>, =?ISO-8859-1?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk> writes:
>>>>>> VAXman- @SendSpamHere.ORG wrote:
>>>>>>> Cygwin is a Weendoze terminal emulator?
>>>>>> Cygwin is a *nix shell + utilities + libraries for Windows.
>>>>>>
>>>>>>> I can't believe you'd be so lax
>>>>>>> with system security to have username and password to a VMS machine hard-
>>>>>>> coded into a script that any hacker who gets into the Weendoze box could
>>>>>>> exploit.
>>>>>> The risk of hacking is probably lower than for most OS'es.
>>>>>>
>>>>> Well I suppose you could argue that there are so many unpatched badly mismanaged
>>>>> Windows systems out there that you have to be unlucky for someone to pick on
>>>>> your machine to hack into.
>>>> Most desktop Windows systems are not running a
>>>> telnet/FTP/SSH/HTTP/whatever server.
>>>>
>>>> As a result they are for all practical purposes never hacked.
>>>>
>>> Lots of malware opens up backdoor ports and some of those run public-domain
>>> ftp server software on those ports.
>>
>>That is not hacking unless the malware is targeted against a
>>specific PC.
>>
>I've seen tons of desktop "classroom" PCs which were infected with backdoor
>programs by students so that they could show off by ejecting the CD or
>controlling the machine in some otherway remotely. These were definitely
>targeted at the machines in those particular classrooms and used programs such
>as B02K, Sub7 etc etc
>
>That was obviously sometime ago and those particular backdoors would be picked
>up by modern anti-virus scanners. We also put in place software which resets
>the classroom PCs back to a default state on reboot which rather reduced the
>period during which such tricks could be played hence the students haven't been
>bothering with that for a while.
>
>From a hacker perspective installing a RAT on a user's PC and recording his
>keystrokes whilst he logs in through the company firewall would definitely
>be a better option than directly attacking the firewall.
>
>
>>> Also wormable vulnerabilities (ie those where no user intervention is
>>> necessary and the patch states that it may allow remote code execution
>>> are just as vulnerable to hackers as they are to having a worm written
>>> for them).
>>
>>Sure.
>>
>>It is definitely possible. But it just never seems to happen in
>>real life.
>>
>Just because you haven't heard of it happening does mean that it never
>happens.
That should obviously have been
"
Just because you haven't heard of it happening doesn't mean that it never
happens.
"
David Webb
Security team leader
CCSS
Middlesex University
>As referred to above a user's desktop PC may be a great route for hacking other
>systems.
>
>There have also been a number of cases where after a court case involving
>pornography the defendent has been declared innocent since the computer
>involved had backdoor programs installed on it which could have been used to
>plant the pictures.
>
>"A landmark trial recently found that illegal pornography had been placed on an
>innocent man's computer by a trojan program..."
>
>From
>BEWARE TROJAN'S BEARING GIFS by NEIL BARRETT, IT WEKK 03 JUN 2003
>
>
>Mark Rasch of SecurityFocus has pointed out
>
>"In late December 2003, companies around the world began to report a new kind
>of cyber-attack that had been apparently going on for about a year. Cyber
>extortionists (reportedly from Eastern Europe) threatened to "plant" child
>pornography on their computers and then call the cops if they didn't agree to
>pay a small fee."
>
>
>
>
>
>David Webb
>Security team leader
>CCSS
>Middlesex University
>
>
>>Arne
------------------------------
Date: Mon, 28 Apr 2008 14:18:54 +0100
From: Anton Shterenlikht <mexas@bristol.ac.uk>
Subject: ssh hostkey file location
Message-ID: <20080428131854.GA79278@mech-aslap33.men.bris.ac.uk>
How can I find the SSH2 hostkey of a VMS node, i.e. the one that is being
copied to known_hosts when you first connect?
I'd like to share the hostkey between all nodes in a VMS
cluster. At present I've a problem with failsafe IP, because
the key in known_hosts doesn't match after a node goes down
and its IP fails over to another node.
I cannot see any better way than to delete known_hosts (or edit)
in this case.
If I've identical hostkeys for all nodes in the cluster, this
wouldn't happen, right? And I cannot seea any downsides of this
approach.
I just cannot find the location of the hostkey.
many thanks
anton
--
Anton Shterenlikht
Room 2.6, Queen's Building
Mech Eng Dept
Bristol University
University Walk, Bristol BS8 1TR, UK
Tel: +44 (0)117 928 8233
Fax: +44 (0)117 929 4423
------------------------------
Date: Mon, 28 Apr 2008 08:41:49 -0500 (CDT)
From: sms@antinode.org (Steven M. Schweda)
Subject: Re: ssh hostkey file location
Message-ID: <08042808414987_2020CE0A@antinode.org>
From: Anton Shterenlikht <mexas@bristol.ac.uk>
> How can I find the SSH2 hostkey of a VMS node, i.e. the one that is being
> copied to known_hosts when you first connect?
SYS$MANAGER:TCPIP$SSH_RUN.COM suggests tcpip$ssh_device:[tcpip$ssh].
I suspect that the SSH manual would also mention it.
------------------------------------------------------------------------
Steven M. Schweda sms@antinode.org
382 South Warwick Street (+1) 651-699-9818
Saint Paul MN 55105-2547
------------------------------
Date: Mon, 28 Apr 2008 16:25:28 +0100
From: Anton Shterenlikht <mexas@bristol.ac.uk>
Subject: Re: ssh hostkey file location
Message-ID: <20080428152528.GA87716@mech-aslap33.men.bris.ac.uk>
On Mon, Apr 28, 2008 at 08:41:49AM -0500, Steven M. Schweda wrote:
> From: Anton Shterenlikht <mexas@bristol.ac.uk>
>
> > How can I find the SSH2 hostkey of a VMS node, i.e. the one that is being
> > copied to known_hosts when you first connect?
>
> SYS$MANAGER:TCPIP$SSH_RUN.COM suggests tcpip$ssh_device:[tcpip$ssh].
>
> I suspect that the SSH manual would also mention it.
Steven, thank you, found it.
I think I was misled by M.D.Duffy "Getting Started with OpenVMS,
A Guide for New Users", Digital Press 2003, who gives the following
examples on p. 88 in section Wildcards for Directory Operations
"To search all directories on the disk for any files
called ERROR.LOG:
$ DIRECTORY [*...]ERROR.LOG ! Excludes MFD
$ DIRECTORY [000000...]ERROR.LOG ! Includes MFD"
So I presumed that $DIRECTORY [*...]hostskey*.*,
would search all of the disk, but it didn't.
I have to do $DIRECTORY sys$sysdevice:[*...]hostkey*.* instead.
I guess "*" in directory operations means "any subdirectory
immediately below the default directory"?
Also, I cannot find any ssh manual at hp.com/go/openvms/doc
and HELP SSH is very limited.
What ssh manual did you mean?
thanks
anton
--
Anton Shterenlikht
Room 2.6, Queen's Building
Mech Eng Dept
Bristol University
University Walk, Bristol BS8 1TR, UK
Tel: +44 (0)117 928 8233
Fax: +44 (0)117 929 4423
------------------------------
Date: Mon, 28 Apr 2008 16:30:00 GMT
From: Rob Brown <mylastname@gmcl.com>
Subject: Re: ssh hostkey file location
Message-ID: <alpine.LRH.1.00.0804281008210.10650@localhost.localdomain>
On Mon, 28 Apr 2008, Anton Shterenlikht wrote:
> On Mon, Apr 28, 2008 at 08:41:49AM -0500, Steven M. Schweda wrote:
>> From: Anton Shterenlikht <mexas@bristol.ac.uk>
>>
>>> How can I find the SSH2 hostkey of a VMS node, i.e. the one that
>>> is being copied to known_hosts when you first connect?
>>
>> SYS$MANAGER:TCPIP$SSH_RUN.COM suggests
>> tcpip$ssh_device:[tcpip$ssh].
>>
>> I suspect that the SSH manual would also mention it.
>
> Steven, thank you, found it.
>
> I think I was misled by M.D.Duffy "Getting Started with OpenVMS, A
> Guide for New Users", Digital Press 2003, who gives the following
> examples on p. 88 in section Wildcards for Directory Operations
>
> "To search all directories on the disk for any files
> called ERROR.LOG:
>
> $ DIRECTORY [*...]ERROR.LOG ! Excludes MFD
> $ DIRECTORY [000000...]ERROR.LOG ! Includes MFD"
>
> So I presumed that $DIRECTORY [*...]hostskey*.*,
> would search all of the disk, but it didn't.
> I have to do $DIRECTORY sys$sysdevice:[*...]hostkey*.* instead.
The difference between "[*...]hostskey*.*", and
"sys$sysdevice:[*...]hostkey*.*" is that the latter specifies a device
name and the former does not.
Do you have more than one disk drive and your default device was not
SYS$SYSDEVICE? Type SHOW DEFAULT. Then type SHOW LOGICAL
SYS$SYSDEVICE.
Or were you logged into an account who's default device was a rooted
logical, such as SYSTEM? (Duffy's target audience was probably not
"new users who are logged in as SYSTEM". ;-) ) When a rooted logical
is used as the device specifier, file system searches do not extend
beyond the domain of the rooted logical.
> I guess "*" in directory operations means "any subdirectory
> immediately below the default directory"?
No that's what "[.*" means. "[*" really does search the entire
device, but either of the two explanations above can explain your
results.
If you are coming from a UNIX-like background where all disk drives
are hidden from the user and the entire directory tree is under "/",
you will find this part of VMS different. On VMS each disk drive is
presented to the user separately, as they are in popular Microsoft
operating systems. On UNIX, you can search all disk drives for a file
with a single command. On VMS, you must repeat the command for each
disk drive.
hth
- Rob
--
Rob Brown b r o w n a t g m c l d o t c o m
G. Michaels Consulting Ltd. (780)438-9343 (voice)
Edmonton (780)437-3367 (FAX)
http://gmcl.com/
------------------------------
Date: Mon, 28 Apr 2008 16:35:08 GMT
From: =?ISO-8859-1?Q?Jan-Erik_S=F6derholm?=
Subject: Re: ssh hostkey file location
Message-ID: <01nRj.6679$R_4.5103@newsb.telia.net>
Rob Brown wrote:
> On UNIX, you can search all disk drives for a file
> with a single command. On VMS, you must repeat the command for each
> disk drive.
Or create a logical name that is a search-path to all disks
and use a single command...
Jan-Erik.
------------------------------
Date: 28 Apr 2008 13:14:05 -0500
From: koehler@eisner.nospam.encompasserve.org (Bob Koehler)
Subject: Re: ssh hostkey file location
Message-ID: <j7ZbQ1M2leOD@eisner.encompasserve.org>
In article <20080428152528.GA87716@mech-aslap33.men.bris.ac.uk>, Anton Shterenlikht <mexas@bristol.ac.uk> writes:
> I guess "*" in directory operations means "any subdirectory
> immediately below the default directory"?
No. * in [*...] means all top level directories except the MFD
on the current device, all all thier subdirectories.
If a logical name is used to create a rooted device it acts like
a real device in this manner, it even will simulate the MFD if
you specify [000000].
If your default directory is not at the top of a real or rooted
device then [*...] will pack up directory levels closer to the MFD
than your current default.
------------------------------
Date: Sun, 27 Apr 2008 23:58:25 -0700 (PDT)
From: "Bart.Zorn@gmail.com" <Bart.Zorn@gmail.com>
Subject: Re: Time synchronization
Message-ID: <2d16d63c-df92-499e-aeb9-5e484aab6c74@m44g2000hsc.googlegroups.com>
Marc,
Because of the "if it ain't broken, don't fix it" theorem, we run DTSS
on all nodes. In each datacenter, two of the nodes are configured as
server, the rest is clerk. Also, in each datacenter, one server also
runs the DTSS$PROVIDER_NTP as found in SYS$COMMON:
[SYSHLP.EXAMPLES.DTSS].
The only problem is that there is no automatic detection of ntp
servers (although I do not know if there is such functionality in ntp
at all). When the the network team saw it fit to replace the ntp
servers they did not bother to tell us.
Regards,
Bart Zorn
On Apr 25, 3:46 pm, Marc Van Dyck <marc.vand...@brutele.be> wrote:
> What is the most sensible way to synchronize the time in a mid-size
> OpenVMS farm today ?
>
> - Use NTP everywhere and forget the rest ?
> - Use DTSS with an NTP time provider ?
> - Synchronize time on internet time server ?
> - Use a radio time source ?
> - ...
>
> The installation I speak about is made of about 20 systems, some
> clustered, some not. Mix Alpha/Itanium. And surrounded by a much
> larger population of Unix and Windows systems.
>
> What are other people over here doing ?
>
> --
> Marc Van Dyck
------------------------------
End of INFO-VAX 2008.237
************************