Re: TCP/IP - SSH Does Not Support External Password Authentication (441 Views)
Reply
Occasional Advisor
Joost van der Knaap
Posts: 10
Registered: ‎09-19-2008
Message 1 of 5 (441 Views)

TCP/IP - SSH Does Not Support External Password Authentication

In 2006 this statement is detailed in <>

Where can I find out what plans there are to support this or if support already exists?

I would like to be able to have incoming ssh sessions use the ACME ldap-std.
Honored Contributor
Wim Van den Wyngaert
Posts: 4,562
Registered: ‎12-10-2003
Message 2 of 5 (441 Views)

Re: TCP/IP - SSH Does Not Support External Password Authentication

Occasional Advisor
Joost van der Knaap
Posts: 10
Registered: ‎09-19-2008
Message 3 of 5 (441 Views)

Re: TCP/IP - SSH Does Not Support External Password Authentication

So, the latest news is still 'Converting various TCP/IP Services components (IMAP, POP, PCNFS, XDM, and yes, SSH) to use the $ACM system service for password authentication is on the worklist for a future release.'

Is there any news on an actual release date for this future release? I don't need an exact date, but to quote one of Mel Brooks' masterpieces "When will then be now?"
Occasional Advisor
Joost van der Knaap
Posts: 10
Registered: ‎09-19-2008
Message 4 of 5 (441 Views)

Re: TCP/IP - SSH Does Not Support External Password Authentication

Could this be a possible workaround?

Create a captive account, which all users must use when they set up an ssh session to the openvms platform.
Restrict this captive account to execute a seth 0, forcing the user to provide his/her own credentials.
ACME LDAP will pick up the auth for accounts that have the remauth flag set.
Make sure that the OpenVMS system only allows ssh sessions for the captive account (sylogin.com).

Haven't tested this yet and I don't know if such a setup will process incoming sftp sessions properly...
Occasional Advisor
Joost van der Knaap
Posts: 10
Registered: ‎09-19-2008
Message 5 of 5 (441 Views)

Re: TCP/IP - SSH Does Not Support External Password Authentication

Solved through third party software.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.