SSH for OpenVMS v1.0 Release Notes Table of Contents Chapter 1 Introduction 1.1 Typographical Conventions.............................1 1.2 Obtaining Technical Support...........................1 1.2.1 Before Contacting Technical Support.........2 1.2.2 Sending Electronic Mail.....................2 1.2.3 Calling Technical Support...................2 1.2.4 Contacting Technical Support by Fax.........3 1.2.5 World Wide Web..............................3 1.3 Obtaining Online Help.................................3 1.4 CD-ROM Documentation Contents.........................4 1.5 Documentation Comments................................4 1.6 Accessing the SSH Public Mailing List.................5 Chapter 2 SSH for OpenVMS Features and Known Problems 2.1 SSH for OpenVMS Features..............................6 2.1.1 Secure Copy Protocol (SCP)..................6 2.1.2 Secure Shell (SSH)..........................6 2.2 Known Problems........................................7 2.2.1 Secure Shell (SSH)..........................7 Chapter 3 Documentation Updates 3.1 Changes Not made to the PDF and HTML Documentation....8 3.1.1 Removing SSH for OpenVMS from your System...8 i SSH for OpenVMS v1.0 RELEASE NOTES Chapter 1 Introduction These Release Notes describe SSH for OpenVMS version 1.0. This set of product Release Notes describes conventions used in the SSH for OpenVMS documentation set and the various methods to contact and receive technical support. 1.1 Typographical Conventions ============================= Examples in these release notes use the following conventions: Convention Example Meaning ======================================= Angle brackets Represents a key on your keyboard. Angle brackets with a slash Indicates that you hold down the key labeled or while simultaneously pressing another key; in this example, the "A" key. Square brackets [FULL] Indicates optional choices; you can enter none of the choices, or as many as you like. When shown as part of an example, square brackets are actual characters you should type. Underscore or file_name Between words in commands, indicates the hyphen or item is a single element. file-name 1.2 Obtaining Technical Support ================================ Process Software provides technical support if you have a current Maintenance Service Agreement. If you obtained SSH for OpenVMS from an authorized distributor or partner, you receive your technical support directly from them. You can contact Technical Support by: o Sending electronic mail (Section 1.2.2) o Calling Technical Support (Section 1.2.3) o Faxing a description of your problem to the Technical Support Group (Section 1.2.4) o Obtaining information from the World Wide Web (Section 1.2.5) 1 1.2.1 Before Contacting Technical Support ========================================== Before you call, or before you send email or a fax: 1. Verify that your Maintenance Service Agreement is current. 2. Have the following information available: -Your name -Your company name -Your email address -Your voice and fax telephone numbers -Your Maintenance Contract Number -OpenVMS architecture -OpenVMS version -TCP/IP Services for OpenVMS version -SSH for OpenVMS version 4. Have complete information about your configuration, error messages that appeared, and problem specifics. 5. Be prepared to let a Development engineer connect to your system either with TELNET or by dialing in using a modem. Be prepared to give the engineer access to a privileged account to diagnose your problem. 1.2.2 Sending Electronic Mail ============================= For many questions, electronic mail is the preferred communication method. Technical support via electronic mail is available to customers with a current support contract. Send electronic mail to support@process.com. At the beginning of your mail message, include the information listed in Section 1.2.1, "Before Contacting Technical Support." Continue with the description of your situation and problem specifics. Include all relevant information to help your Technical Support Specialist process and track your electronic support request. Electronic mail is answered within the desired goal of two hours, during our normal business hours, Monday through Friday from 8:30 a.m. to 5:00 p.m., United States Eastern Time. 1.2.3 Calling Technical Support =============================== If you are calling within the continental United States or Canada, call Process Software Technical Support toll-free at 800-394-8700. If you are calling from outside the continental United States or Canada, dial +1-508-628-5074. Please be ready to provide your name, company name, and telephone number. For regular support issues, call Monday through Friday from 8:30 a.m. to 6:00 p.m., United States Eastern Time. 2 For our customers in North America with critical problems, an option for support 7 days per week, 24 hours per day is available at an additional charge. Please contact your Account Representative for further details. If our Support Specialists are assisting other customers and you are put on hold, please stay on the line. Most calls are answered in less than five minutes. If you cannot wait for a Specialist to take your call, please take advantage of our automatic call logging feature by sending email to support@process.com (see Section 1.2.2, "Sending Electronic Mail"). 1.2.4 Contacting Technical Support by Fax =========================================== You can send fax transmissions directly to Technical Support at 508-879-0042. Before faxing comments or questions, complete the steps in Section 1.2.1, "Before Contacting Technical Support" and include all your system information at the beginning of your fax message. Continue with the description of your situation and problem specifics. Include all relevant information to help your Technical Support Specialist process and track your fax support request. Faxed questions are answered Monday through Friday from 8:30 a.m. to 7.00 p.m. United States Eastern Time. 1.2.5 World Wide Web ==================== There is a variety of useful technical information available on our World Wide Web home page, http://www.process.com (select Support). 1.3 Obtaining Online Help ========================== Extensive information about SSH for OpenVMS is provided in the SSH help library. For more information, enter the following command: $ HELP SSH 3 1.4. CD-ROM Contents ==================== The CD directory structure for SSH for OpenVMS is as follows: [BINDDOC] [DOCUMENTATION] [.HTML] (base MultiNet V4.4 HTML files) [.ADMIN_GUIDE] [.ADMIN_REFERENCE] [.MESSAGES] [.PROGRAMMERS_REFERENCE] [.USER_GUIDE] [.PDF] (base MultiNet V4.4 PDF files) [.PS] (base MultiNet V4.4 Postscript files) [.SSH_OPENVMS] [.HTML] (SSH for OpenVMS HTML files) [.PDF] SSH_OPENVMS.PDF (SSH for OpenVMS PDF files) [INFO-SSH] [LYNX] (Lynx browser sources and binaries) [.AXP] for Alpha images [.VAX] for VAX images [MULTINET044] MultiNet SSH Savesets [RFCs] [VAX55_DECC_RTL] (DECC RTL patch v6.0 for VAX) [XPDF] [.AXP] for Alpha images [.DOC] documentation [.VAX] for VAX images 1.5 Documentation Comments ========================== Your comments about the information in these Release Notes can help us improve the documentation. If you have corrections or suggestions for improvement, please let us know. Be as specific as possible about your comments: include the exact title of the document, version, date, and page references as appropriate. You can send your comments by email to: techpubs@process.com or mail them to: Process Software 959 Concord Street Framingham, MA 01701-4682 Attention: Marketing Manager You can also fax your comments to us at 508-879-0042. Your comments about our documentation are appreciated. 4 1.6 Accessing the SSH Public Mailing List =============================================== Process Software maintains two public mailing lists for SSH for OpenVMS customers: --Info-SSH@process.com --SSH-Announce@process.com The Info-SSH@process.com mailing list is a forum for discussion among SSH for OpenVMS system managers and users. Questions and problems regarding SSH for OpenVMS can be posted for a response by any of the subscribers. To subscribe to Info-SSH, send a mail message with the word "SUBSCRIBE" in the body to Info-SSH-request@process.com. You can retrieve the Info-SSH archives by anonymous FTP to ftp.multinet.process.com. The archives are located in the directory [.MAIL_ARCHIVES.INFO-SSH]. The SSH-Announce@process.com mailing list is a one-way communication (from Process Software to you) used to post announcements relating to SSH (patch releases, product releases, etc.). To subscribe to SSH-Announce, send a mail message with the word "SUBSCRIBE" in the body to SSH-Announce-request@process.com. You can retrieve the SSH-Announce archives by anonymous FTP to ftp.multinet.process.com. The archives are located in the directory [.MAIL_ARCHIVES.SSH-ANNOUNCE]. 5 Chapter 2 SSH for OpenVMS Features and Known Problems ============================================================================ 2.1 Features ============ This section describes the features provided in SSH for OpenVMS v1.0. 2.1.1 Secure Copy Protocol (SCP) o A Secure Copy (SCP) client and server are provided. This Secure File Transfer feature has one specified format -- BINARY. Also, the defined syntax for a file specification is UNIX syntax. Due to these restrictions, files that are transferred from dissimilar systems may or may not be useful. Process Software has used methods available in the protocol to attempt to improve the likelihood that files will be useful upon transfer. Process Software has used the defined extensions in the protocol to transfer information about the OpenVMS file header characteristics such that when a file is transferred between two OpenVMS systems running SSH for OpenVMS, TCPware 5.6, or MultiNet v4.4 (or later), the file header information will also be transferred and the file will have the same format on the destination system as it had on the source system. Also, when a file is transferred to a non-OpenVMS system, a method has been provided to translate those files that can be translated into a format that will be usable on the remote system. Files that are transferred from non-OpenVMS systems are stored as stream files on the OpenVMS system, which provides compatibility for text files from those systems. o SCP2 consists of the client program SCP2, which includes an embedded SFTP server for local file access, and SFTP-SERVER2, which runs on the remote system to access the file. SCP2 communicates with SSH2 for authentication and transport (which includes encryption) to remote systems, SFTP-SERVER2 communicates with SSH2 for data transport. 2.1.2 Secure Shell (SSH) o A single SSH client is provided that supports both the SSH1 and SSH2 protocols on remote systems. Independent servers to support both the SSH1 and SSH2 protocols are provided. o An SSH V1 server and an SSH V2 server are provided. 6 2.2 Known Problems ================== This section describes the known problems in SSH for OpenVMS version 1.0. 2.2.1 Secure Shell (SSH) Known Problems o The SSH server generates an intrusion record if logins are disabled. (D/E 8065) o The SSH V1 server daemon will accumulate I/O while idle, though this does not use a significant amount of CPU time. o The SSH2 server does not properly disconnect after the login grace time is reached. (D/E 8189) o If the evaluation license expires with the SSHD Master process running, incoming SSH sessions hang. (D/E 8201) o On a UNIX system, if the user uses the -f flag to force the SSH client into the background, the VMS SSH server will sometimes fail with an ACCVIO error. This may be worked around by either a) not putting the client into the background, or b) using the "&" form of a UNIX command to put the client into the background (e.g., "ssh foo 'dir *.txt' &"). (D/E 8149) o For each incoming SSH2 session an sshd.log is created in the ssh_log: location that contains the text: SSHD 000[0000011E]: WARNING: Host key pair is not specified, trying to use default 'multinet_ssh2_hostkey_dir:hostkey.'. By uncommenting and changing the lines in ssh2_dir:sshd2_config. as follows: HostKeyFile "multinet_ssh2_hostkey_dir:hostkey." PublicHostKeyFile "multinet_ssh2_hostkey_dir:hostkey.pub" this warning can be eliminated; however, a blank sshd.log file is still created for each incoming SSH2 session regardless of the SSH server debug level setting. (D/E 7940) 7 Chapter 3 Documentation Updates =============================== 3.1 Changes Not made to the PDF and HTML documentation ======================================================= The following information is not included in the SSH for OpenVMS Administration and User's Guide, Chapter 3. 3.1.1 Removing SSH for OpenVMS from your System ================================================ There are several steps involved in removing SSH for OpenVMS from your system: 1. If SSH for OpenVMS is currently running, shut it down: $ SSHCTRL SHUTDOWN If SSH for OpenVMS is running on multiple nodes of a VMScluster with a shared system disk, the above shutdown command must be executed on each node of the cluster. 2. Execute the REMOVE command procedure: $ @:[MULTINET..SYSCOMMON.MULTINET.PSCSSH]REMOVE.COM where device is the device name on which the product is installed and node is the nodename on which the product is installed. For example: $ @DKA0:[MULTINET.TULIP.SYSCOMMON.MULTINET.PSCSSH]REMOVE.COM NOTE: The above command and example assumes a default installation. 3. If SSH for OpenVMS was installed on multiple nodes of a VMScluster with a shared system disk, REMOVE.COM will not remove node-specific files from those cluster nodes. It will be necessary to remove these files by hand. 4. If SSH for OpenVMS was installed on multiple nodes of a VMScluster with a shared system disk, it is necessary to replace the DCLTABLES loaded in system memory on those cluster nodes: $ INSTALL REPLACE SYS$LIBRARY:DCLTABLES.EXE 8