13-APR-1999
This directory contains the sources for a crude SSH server for VMS. Some
local customization may be needed to build and install this program.
Requirements:
OpenVMS 6.2 or higher.
DEC C compiler, 5.4 or higher.
DEC TCP/IP Services for OpenVMS (UCX) or Multinet with UCX emulation.
OpenSSL 0.9.2b or SLeay 0.8.1, with patch to support RSA_NO_PADDING.
(do not use RSAREF option with SSLeay/OpenSSL, it DOES NOT WORK)
(SSLeay is available from http://www.free.lp.se/ssleay/).
(optional):
DECnet (for SSH 'command' mode when not using initiator program).
Building:
First edit ssl_location.mms and change the lines that begin "!ssllib =" and
"!sslinc =", removing the "!" and making the values reflect the correct
directories for your SSLeay installation.
Use one of the following commands to build the executables:
$ MMS all
$ @build_ssh_server.com
There are 6 executables and 1 shareable image produced by the build:
SSH_SERVER.EXE Main server, runs in detached process and
accepts multiple incoming SSH connections via
DECthreads multi-threading.
RSA_ENGINE.EXE Runs in sub-process created by SSH_SERVER
and handles the computationally intensive
RSA decryption used to exchange the session
key.
KEY_GENERATOR.EXE Runs in sub-process created by SSH_SERVER
and handles periodic generation of new
RSA server key (skey.pem).
INITIATOR.EXE Runs in sub-process created by SSH_SERVER and
handles creating the login processes (under
client's username) for client connections.
SETHOST_SSH.EXE Primitive client program for exercising SSH
server when other client's aren't available.
SSH_LOGINOUT.EXE Program run by user processes to mimic
normal loginout reporting (last login, newmail,
etc). To work properly, this program must be
installed with sysprv.
SSHCRYPTOSHR.EXE Shareable image that provides the common
cryptographics routines (SSLeay) used by
4 of the executable images.
Installation:
First, you must generate 2 RSA private keys, each in a separate key
file: skey.pem and hkey.pem. Invoking the ssh_server_startup.com
procedure with a P1 value of "INITIAL_KEY" will generate these key files.
You can alternatively generate the files using the genrsa application
provided with SSLeay with the following restrictions:
- The key lengths must differ by 256 or more bits (e.g. 768, 1024).
- The files must be in PEM format and must NOT be password protected.
Protect the key files against access from non-privileged users.
Copy the SSHEXEC.COM command procedure to the same directory as the
login file pointed to by the sys$sylogin logical and make world readable.
Edit ssh_parameters.dat so the parameter file lines host_key and
server_key point to the pem files created in the previous step.
Test the server by invoking ssh_server_startup.com with a P1 value of
"TEST" (i.e. "$ @ssh_server_startup test"). In test mode, the server
is run interactively rather than creating a detached process to run
the server.
Modify your system startup procedures to invoke ssh_server_startup
during boot and install ssh_loginout.exe with sysprv.
Edit your system's sys$sylogin procedure to include ssh_login.com
so that logins via SSH mimic the informational displays of a conventional
login. This step is mandatory for X11 support to function properly.
Notes and caveats:
If you are running UCX 4.1, be sure you have are at least eco 7, there
are bugs in earlier version that cause corrupted packets.
The sethost_ssh program is provided to aid in server testing only.
The only cipher types supported are none, idea, des, 3des, RC4, and
blowfish. By default all ciphers are but none are enabled, you can exit
the parameters file to change the ilst of allowed ciphers.
The only authentication types supported are password and RSA. The user
password must match the SYSUAF entry.
X-11 tunneling is supported but has serious security considerations.
Any logged in VMS user may connect to the X11 server being proxied through
the SSH connection.
There are three methods by which the SSH server creates user processes
in response to a new request, which is used depends upon the parameter
file options chosen:
1. Via the initiator helper program, run as a sub-process of the
server process. This method will be used if the parameter file
contains a definition for the initiator parameter.
2. Via DECnet task (SSHEXEC), used for 'command' (non-PTY) mode.
This method uses username and password in the DECnet access control
string to run the task as the target user and can therefore only
be used with password authentication (no RSA).
3. Via latent login to a pseudo-terminal (PDT), capturing "Username: "
and "Password: " prompts and responding appropriately. This method
too is limited to password authentication only. Note that if your
system does not use these prompts, you will have to edit cport_pty.c
to look for the right strings.
The PTY's for 'shell' mode are created with default terminal characteristics
set by SYSGEN parameters TTY_DEFCHAR and TTY_DEFCHAR2 plus any changes
specified in the parameters file. The screen size (rows, columns) and
echo state specified in the ssh PTY request are the only client-specified
parameters observed.
Window_size requests send during interactive phase are ignored.
Do not set the PTY /nohostsync. The PTY control routines disable input
when the typeahead buffer is full and if /nohostsync is set the terminal
will never get a signal to resume input.
If the typeahead buffer on the PTY fills, control-Ys sent by the client
will sit in the TCP stream until all pending input is read.
The sethost_ssh program sets the local terminal /pasthru/noecho. If the
program crashes without executing the exit handler, the terminal may
be left in this state. Since /pasthru inhibits control-Y from
interrupting the program, it uses control-\ as an escape character, forcing
immediate exit of the program.
-------------------------------------------------------------------------------
David L. Jones | Phone: (614) 292-6929
Ohio State University | Internet:
140 W. 19th St. Rm. 231a | jonesd@kcgl1.eng.ohio-state.edu
Columbus, OH 43210 | vman+@osu.edu