05-24-2011 03:24 PM
One day, out of the blue, the SSH server on one of the nodes quits working. Logins rejected immediately. The run log only has this message:
%DCL-E-NOCMDPROC, error opening captive command procedure - access denied
Protections on those files that get run, TCPIP$SSH_DEVICE:LOGIN.COM & TCPIP$SYSTEM:TCPIP$SSH_RUN.COM, are
If we remove the restricted from the account that runs SSH, we can log in and the log indicates that LOGIN.COM does get run first and then TCPIP$SYSTEM:TCPIP$SSH_RUN.COM. Both files are executed without error so they are readable by the SSH account but there is something that makes OpenVMS reject the LOGIN.COM when the account is restricted.
I almost forgot to mention, the other node in the cluster has no problem with SSH. Both nodes use the same SSH account but have separate system disks with separate SSH files. We can find no differences in the files especially in protection.
05-24-2011 07:37 PM - last edited on 08-08-2011 01:49 PM by Kevin_Paul
The similar topic was discussed in the below thread.
Also refer the online help for the error message DCL-E-NOCMDPROC.
NOCMDPROC, error opening captive command procedure - access denied
Facility: CLI, Command Language Interpreter (DCL)
Explanation: When you attempted to log in, you failed because you have a
captive account and DCL received an error during the login.
For example, DCL could not find your LOGIN.COM file. You
may also have incorrect protection on the system's SYLOGIN
file (SYS$MANAGER:SYLOGIN.COM or /SYSTEM/EXEC logical). The
system's SYLOGIN file must be protected with at least WORLD:E
access to the file and the directory that contains it.
User Action: See your system manager.
05-25-2011 09:13 AM