1 INFO-VAX	Thu, 07 Dec 2006	Volume 2006 : Issue 672       Contents:! Re: Alpha sales extended 6 months ! Re: Alpha sales extended 6 months ! Re: Alpha sales extended 6 months  Re: Alternative to FTP, Re: Default sys$manager:sylogin.com question, Re: Default sys$manager:sylogin.com question" Re: Do I need all TCPIP$BIND files" Re: Do I need all TCPIP$BIND files" Re: Do I need all TCPIP$BIND files" Re: Do I need all TCPIP$BIND files" Re: Do I need all TCPIP$BIND files" Re: Do I need all TCPIP$BIND files" Re: Do I need all TCPIP$BIND files Re: Homemaid keycap mnemonics ?  Re: Mozilla  Re: Mozilla 8 Re: New location for GNV compatible .PCSI$COMPRESS kits. public-key ssh out of VMS 7.3-1 # Re: public-key ssh out of VMS 7.3-1  Re: recursive copy in VMS  Re: recursive copy in VMS  SSH Attacks  Re: SSH Attacks  Re: SSH Attacks  Re: SSH Attacks  Re: Who called me?  F ----------------------------------------------------------------------  % Date: Wed, 06 Dec 2006 11:31:21 -0800 * From: "Tom Linden" <tom@kednos-remove.com>* Subject: Re: Alpha sales extended 6 months) Message-ID: <op.tj5kijo1tte90l@hyrrokkin>   G On Wed, 06 Dec 2006 11:20:40 -0800, ChrisQuayle <nospam@devnul.co.uk>    wrote:   > Bob Koehler wrote:F >> In article <4575faf1$0$1629$9a6e19ea@news.newshosting.com>, "Neil  ( >> Rieck" <n.rieck@sympatico.ca> writes: >>J >>> 1) the new architecture was significantly more powerful than the old   >>> one E >>> 2) the new architecture was cheaper (and thus worth doing a port) H >>      There may be some application somewhere which didn't enjoy this,J >>    but both of these were true all the way back to beta-system shipment >>    of Alphas. >> > I > What you're saying is that Alpha was much faster than the competition   K > from the start, while itanium has always struggled to keep up, right ?.   $ > Just in case anyone misunderstood. > H > After all the billions of $ down the plughole, all they seem to have  I > built is a chip that is only just starting to creep ahead of a 5 year   L > old design. Just imagine where we would be now if all those billions had  J > been given to a competant design team and management, like dec's alpha   > design team, for example.   I AMD announced yesterday expansion of the 65nm line and announced mid 2008 / for the 45nm.  Where is Itanium in this regard?    > K > Good and innovative design is more than just investment and engineering   L > talent - it's about company culture and values. The sum becoming greater  L > than the sum of the parts. With Intel, one suspects too much politics. A  + > triumph of style over substance indeed...  >  > Chris        --  E Using Opera's revolutionary e-mail client: http://www.opera.com/mail/    ------------------------------   Date: 6 Dec 2006 17:44:28 -0400 7 From: "Gareth V. Williams" <graff@cfa0.cfa.harvard.edu> * Subject: Re: Alpha sales extended 6 months. Message-ID: <457747cc@cfanews.cfa.harvard.edu>  E David Turner, Island Computers US Corp <dbturner@islandco.com> wrote: 1 : I guess that's good news for some of you !  :0( : : We intend to go a lot longer in Alpha sales than that... : FYI...  F   Not directly related to this topic, but is your mail system working?H Mail to your islandco.com address has been bouncing with "User unknown".  
     Gareth     --  H ------------------------------------------------------------------------H Gareth V. Williams, MS 18, 60 Garden Street, Cambridge, MA 02138, U.S.A.+ Associate Director, IAU Minor Planet Center H gwilliams@cfa.harvard.edu        http://cfa-www.harvard.edu/iau/mpc.html7 OpenVMS & RISC OS: refined choices in operating systems    ------------------------------  % Date: Wed, 06 Dec 2006 21:27:12 -0500 ( From: Bill Todd <billtodd@metrocast.net>* Subject: Re: Alpha sales extended 6 monthsG Message-ID: <k_udnRc5Oo2Z4erYnZ2dnUVZ_uWdnZ2d@metrocastcablevision.com>    Tom Linden wrote:    ...   K > AMD announced yesterday expansion of the 65nm line and announced mid 2008 1 > for the 45nm.  Where is Itanium in this regard?   I Last I heard, Montvale (scheduled to ship in late 2007) will still be at  I 90 nm. (it's pretty clear that if they had planned on it being that late  F from the start they *could* have arranged for it to be produced at 65 I nm., but if the Montecito schedule fiasco hadn't occurred Montvale would  I have appeared before that would have been feasible - and by the time the  D Montecito dust settled, it was apparently too late to change plans).  G Tukwila (scheduled to tape out in early 2008, which presumably means a  G mid-to-late-2009 ship) is still reportedly planned as the first 65 nm.  G Itanic (again, if it hadn't slipped so much 45 nm. would have been far  D too ambitious - but, again, it now may be too late to change plans).  ; Tukwila supposedly will incorporate the CSI (common system  F interconnect?) EV7-like architecture that Xeon should get sometime in E 2008.  I suspect that the only reason Intel will ship Tukwila at all  I will be because of commitments to OEMs (if they still care by that time)  G - and the Itanic that had been scheduled to follow Tukwila ('Poulson')  % is now reportedly on indefinite hold.    - bill   ------------------------------  % Date: Wed, 06 Dec 2006 19:18:30 -0500 6 From: =?ISO-8859-1?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk> Subject: Re: Alternative to FTP 7 Message-ID: <45775dcc$0$49204$14726298@news.sunsite.dk>    Mike wrote: I > We are using the DOS prompt to FTP because all the fancy .NET ftp stuff  > doesn't seem to like VMS.   : I have some C# code that will works with a VMS FTP server.   Arne   ------------------------------   Date: 6 Dec 2006 22:23:21 GMT ) From: Hans Bachner <Hans@Bachner.priv.at> 5 Subject: Re: Default sys$manager:sylogin.com question 0 Message-ID: <el7jd8.71.1@usenet.bachner.priv.at>  < Bob Koehler <koehler@eisner.nospam.encompasserve.org> wrote:   <snip>  ) >    Look for /page=xx on "set terminal".   F No, $ SET TERM /PAGE=xx is harmless and does not clear the screen. As I others have mentioned, it's the /WIDTH qualifier which clears the screen.    Hans.    ------------------------------  % Date: Wed, 06 Dec 2006 17:28:27 -0500 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> 5 Subject: Re: Default sys$manager:sylogin.com question 8 Message-ID: <457742d1$0$30600$c3e8da3@news.astraweb.com>   Hans Bachner wrote: * >>    Look for /page=xx on "set terminal". > H > No, $ SET TERM /PAGE=xx is harmless and does not clear the screen. As K > others have mentioned, it's the /WIDTH qualifier which clears the screen.     J I had said to "LOOK FOR" it, as in locate the line with that string on it + and remove the /PAGE and /WIDTH qualifiers.    ------------------------------  % Date: Wed, 06 Dec 2006 14:40:04 -0800 * From: "Tom Linden" <tom@kednos-remove.com>+ Subject: Re: Do I need all TCPIP$BIND files ) Message-ID: <op.tj5s82q7tte90l@hyrrokkin>   J On Tue, 28 Nov 2006 19:33:25 -0800, Steven M. Schweda <sms@antinode.org>   wrote:  G >    Named needs write permission on the directory containing the file. E >    Named writes the new cache file to a temporary file then renames G >    it to the name specified in named.conf to ensure that the contents I >    are always complete. This is to prevent named loading a partial zone G >    in the event of power failure or similar interrupting the write of  >    the master file. 
 >    [...]# > which certainly looks suspicious.   I Well, that was the answer, thanks.  Wrong UIC on three of the db records.    Second item, On this system 4    HP TCP/IP Services for OpenVMS Alpha Version V5.6C    on a COMPAQ Professional Workstation XP1000 running OpenVMS V8.3   G there is no 127_0_0.DB which I have on all the other nodes.  Was this a G change or do I need to create one here?  I note that on the other three ) nodes, they are identical.  copy it over?      --  E Using Opera's revolutionary e-mail client: http://www.opera.com/mail/    ------------------------------  * Date: Wed, 6 Dec 2006 18:05:06 -0600 (CST)* From: sms@antinode.org (Steven M. Schweda)+ Subject: Re: Do I need all TCPIP$BIND files 2 Message-ID: <06120618050673_2020028F@antinode.org>  * From: "Tom Linden" <tom@kednos-remove.com>  6 >    HP TCP/IP Services for OpenVMS Alpha Version V5.6E >    on a COMPAQ Professional Workstation XP1000 running OpenVMS V8.3  > I > there is no 127_0_0.DB which I have on all the other nodes.  Was this a I > change or do I need to create one here?  I note that on the other three + > nodes, they are identical.  copy it over?   H    In mine it says, "Provided for Digital TCP/IP Services for OpenVMS.",H which is certainly suggestive.  If your TCPIP$BIND.CONF sprcifies it, it7 probably ought to exist, don't you think?  Around here:     zone "0.0.127.IN-ADDR.ARPA" in {         type master;         file "127_0_0.DB"; };  H    It's all pretty standard.  I suspect that it's all your fault if it's missing.  H ------------------------------------------------------------------------  3    Steven M. Schweda               sms@antinode-org 4    382 South Warwick Street        (+1) 651-699-9818    Saint Paul  MN  55105-2547    ------------------------------  % Date: Wed, 06 Dec 2006 16:25:11 -0800 * From: "Tom Linden" <tom@kednos-remove.com>+ Subject: Re: Do I need all TCPIP$BIND files ) Message-ID: <op.tj5x39natte90l@hyrrokkin>   J On Wed, 06 Dec 2006 16:05:06 -0800, Steven M. Schweda <sms@antinode.org>   wrote:  , > From: "Tom Linden" <tom@kednos-remove.com> > 7 >>    HP TCP/IP Services for OpenVMS Alpha Version V5.6 F >>    on a COMPAQ Professional Workstation XP1000 running OpenVMS V8.3 >>J >> there is no 127_0_0.DB which I have on all the other nodes.  Was this aJ >> change or do I need to create one here?  I note that on the other three, >> nodes, they are identical.  copy it over? > J >    In mine it says, "Provided for Digital TCP/IP Services for OpenVMS.",J > which is certainly suggestive.  If your TCPIP$BIND.CONF sprcifies it, it9 > probably ought to exist, don't you think?  Around here:  > " > zone "0.0.127.IN-ADDR.ARPA" in { >         type master; >         file "127_0_0.DB"; > };  J I have the following entry on my other nodes, but not this one.  What am IG missing by not having this entry?  Why do I have allow-transfer and you  don't?  What does it do?    zone "0.0.127.in-addr.arpa" IN {          type master;           file "127_0_0.db"; !          allow-transfer { any; };  };     > J >    It's all pretty standard.  I suspect that it's all your fault if it's
 > missing. > J > ------------------------------------------------------------------------ > 5 >    Steven M. Schweda               sms@antinode-org 6 >    382 South Warwick Street        (+1) 651-699-9818 >    Saint Paul  MN  55105-2547        --  E Using Opera's revolutionary e-mail client: http://www.opera.com/mail/    ------------------------------  * Date: Wed, 6 Dec 2006 18:49:07 -0600 (CST)* From: sms@antinode.org (Steven M. Schweda)+ Subject: Re: Do I need all TCPIP$BIND files 2 Message-ID: <06120618490738_2020028F@antinode.org>  * From: "Tom Linden" <tom@kednos-remove.com>  L > I have the following entry on my other nodes, but not this one.  What am II > missing by not having this entry?  Why do I have allow-transfer and you  > don't?  What does it do? > " > zone "0.0.127.in-addr.arpa" IN { >          type master;  >          file "127_0_0.db"; # >          allow-transfer { any; };  > };  C    I'd guess that what you're missing is (reverse) name look-up for 
 127.0.0.1.  G    As for why you have allow-transfer, you're asking the wrong guy.  It D may be a new default feature in files supplied with TCPIP newer thanB mine.  It's hard for me to imagine who would be transferring theseC particularly local data, but I don't get around much.  It should be  harmless, in any case.  ?    Being too lazy to read the BIND documentation, I assume that H "allow-transfer" controls access to data requests from other (secondary)( name servers, zone by zone in this case.  H ------------------------------------------------------------------------  3    Steven M. Schweda               sms@antinode.org 4    382 South Warwick Street        (+1) 651-699-9818    Saint Paul  MN  55105-2547    ------------------------------  % Date: Wed, 06 Dec 2006 17:06:03 -0800 * From: "Tom Linden" <tom@kednos-remove.com>+ Subject: Re: Do I need all TCPIP$BIND files ) Message-ID: <op.tj5z0dnatte90l@hyrrokkin>   I On Wed, 06 Dec 2006 16:49:07 -0800, Steven M. Schweda <sms@antinode.org>=    =    wrote:  , > From: "Tom Linden" <tom@kednos-remove.com> > I >> I have the following entry on my other nodes, but not this one.  What=    =    >> am I I >> missing by not having this entry?  Why do I have allow-transfer and y=  ou >> don't?  What does it do?  >># >> zone "0.0.127.in-addr.arpa" IN {  >>          type master; >>          file "127_0_0.db";$ >>          allow-transfer { any; }; >> };  > E >    I'd guess that what you're missing is (reverse) name look-up for  > 127.0.0.1.  I Sorry, I was mistaken and there is change with 5.6, they intoduced a new=   8 record, loopback.db, which appears to replace 127_0_0.DB In the new conf file" zone "1.0.0.127.in-addr.arpa" IN {          type master;           file "loopback.db";!          allow-transfer { any; };  };   and in the old    zone "0.0.127.in-addr.arpa" IN {          type master;           file "127_0_0.db"; !          allow-transfer { any; };  };  > Note the diference in the new one it is specifically 127.0.0.1  I Not sure what all that means other than no loopback on 127.0.0.x for x ^=  =3D 1    > I >    As for why you have allow-transfer, you're asking the wrong guy.  I=  t F > may be a new default feature in files supplied with TCPIP newer thanD > mine.  It's hard for me to imagine who would be transferring theseE > particularly local data, but I don't get around much.  It should be  > harmless, in any case. > A >    Being too lazy to read the BIND documentation, I assume that I > "allow-transfer" controls access to data requests from other (secondar=  y)* > name servers, zone by zone in this case. > I > ----------------------------------------------------------------------=  -- > 5 >    Steven M. Schweda               sms@antinode.org 6 >    382 South Warwick Street        (+1) 651-699-9818 >    Saint Paul  MN  55105-2547        -- =  E Using Opera's revolutionary e-mail client: http://www.opera.com/mail/    ------------------------------  * Date: Wed, 6 Dec 2006 19:24:41 -0600 (CST)* From: sms@antinode.org (Steven M. Schweda)+ Subject: Re: Do I need all TCPIP$BIND files 2 Message-ID: <06120619244115_2020028F@antinode.org>  * From: "Tom Linden" <tom@kednos-remove.com>   > In the new conf file$ > zone "1.0.0.127.in-addr.arpa" IN { >          type master;  >          file "loopback.db";# >          allow-transfer { any; };  > }; >  > and in the old > " > zone "0.0.127.in-addr.arpa" IN { >          type master;  >          file "127_0_0.db"; # >          allow-transfer { any; };  > }; > @ > Note the diference in the new one it is specifically 127.0.0.1 > K > Not sure what all that means other than no loopback on 127.0.0.x for x ^=  > =3D 1   A    In the old file, the only PTR record was for 1, anyway.  Here, D "loopback" is only a file name, so "no loopback" makes no sense.  IfA "nslookup 127.0.0.1" returns "localhost" (or whatever else you've G specified), then BIND must be ok.  Until you start using addresses like % 127.0.0.X, where X is not 1, that is.   H ------------------------------------------------------------------------  3    Steven M. Schweda               sms@antinode-org 4    382 South Warwick Street        (+1) 651-699-9818    Saint Paul  MN  55105-2547    ------------------------------  % Date: Wed, 06 Dec 2006 23:37:15 -0500 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> + Subject: Re: Do I need all TCPIP$BIND files 8 Message-ID: <45779acc$0$28617$c3e8da3@news.astraweb.com>   Tom Linden wrote: I > there is no 127_0_0.DB which I have on all the other nodes.  Was this a I > change or do I need to create one here?  I note that on the other three + > nodes, they are identical.  copy it over?  >    This is what I have:  & $DISK1:[TCPIP$BIND_COMMON]127_0_0.DB;1   ; D ; BIND data file for local loopback interface (reverse translation). ; 3 ; Provided for Digital TCP/IP Services for OpenVMS.  ;  $ORIGIN 0.0.127.in-addr.arpa. D @                       1D IN SOA       localhost. root.localhost. (A                                          42              ; Serial B                                          3H              ; Refresh@                                          15M             ; RetryA                                          1W              ; Expiry B                                          1D )            ; Minimum ; 3                          1D IN NS        localhost. 2 1                       1D IN PTR       localhost.  ; Looks pretty standard to me. But it isn't in the templates  ! (SYS$LIBRARY:TCPIP$TEMPLATES.TLB)    ------------------------------  $ Date: Wed, 6 Dec 2006 16:13:14 -05003 From: "Peter Weaver" <info-vax@weaverconsulting.ca> ( Subject: Re: Homemaid keycap mnemonics ?6 Message-ID: <011e01c7197b$58243c30$2802a8c0@CHARONVAX>   ----- Original Message -----  / From: "JF Mezei" <jfmezei.spamnot@teksavvy.com>  To: <Info-VAX@Mvb.Saic.Com> * Sent: Wednesday, December 06, 2006 3:33 AM$ Subject: Homemaid keycap mnemonics ?    B >I miss my ALL-IN-1 LK201 keyboard, especially the numeric keypad. > M > Does anyone know of some kits you can perhaps pass through a laser printer  > > to generate high quality keycaps with the right text on it ? >     You need one of these keyboards M http://www.artlebedev.com/everything/optimus/. :) But it might be cheaper to  J use a lable printer that uses laminated tape (i.e. Brother TZ tapes). The J problem with using a label printer is that the labels eventually fall off I and get stuck between the keys so keep a few sets on hand to replace the   ones that do fall off.   Peter Weaver www.weaverconsulting.ca 8 CHARON-VAX  CHARON-AXP DataStream Reflection PreciseMail   ------------------------------   Date: 6 Dec 2006 21:51:44 GMT ) From: Hans Bachner <Hans@Bachner.priv.at>  Subject: Re: Mozilla0 Message-ID: <el7hhu.71.1@usenet.bachner.priv.at>  . JF Mezei <jfmezei.spamnot@teksavvy.com> wrote:   <snip>  ' > Remember to instal GTK and OPL first.   I This is done automatically by the Mozilla installation if GTK and/or OPL  - are not yet present (in the current version).    Hans.    ------------------------------  * Date: Wed, 6 Dec 2006 15:51:12 -0600 (CST)* From: sms@antinode.org (Steven M. Schweda) Subject: Re: Mozilla2 Message-ID: <06120615511257_2020028F@antinode.org>    From: "Dona" <erminido@yahoo.it>  H > I'm sorry but I'm novice to OpenVMS.....I'm just starting to work with1 > it and I obviously encountered some problems :( + > In particular, I tried to install Mozilla G > "cswb-openvms-alpha-v1713.sfx_axpexe" and I followed the instructions A > issued in "Installation Guide and Release Notes" but, I already  > encountered my first problem:  > 9 > file #1:  bad zipfile offset (local header sig):  81921 ! >   (attempting to re-compensate) 9 > file #1:  bad zipfile offset (local header sig):  81921 < > file #2:  bad zipfile offset (local header sig):  36235368! >   (attempting to re-compensate) = >   inflating: cpq-axpvms-cswb-v0107-13-1.pcsi$compressed_esw  > [...]   H > Is there anyone who could be help me to understand what's happened and > how to fix the problems?  E    What was the command which produced these error messages?  How did 3 you download the SFX file?  Mine works as expected:   D ALP $ run ALP$DKA0:[CSWB.V1R7S13]CSWB-OPENVMS-ALPHA-V1713.SFX_AXPEXE. UnZipSFX 5.52 of 28 February 2005, by Info-ZIP (http://www.info-zip.org).      9 This self-extracting archive file contains PCSI kits for:      - Secure Web Browser (CSWB)    - GTK+!   - OpenVMS Porting Library (OPL)   E Once the PCSI files are extracted, use the PRODUCT INSTALL command to @ install CSWB. If you don't already have the required versions ofA GTK+ and OPL installed, they will be automatically installed too.   7   inflating: cpq-axpvms-cswb-v0107-13-1.pcsi$compressed  [...]     E    Did you try to unzip the thing using some obsolete UnZip program?  & Were the resulting extracted files ok?     > Thank's in advance      That's "thanks" (plural).  H ------------------------------------------------------------------------  3    Steven M. Schweda               sms@antinode-org 4    382 South Warwick Street        (+1) 651-699-9818    Saint Paul  MN  55105-2547    ------------------------------  % Date: Wed, 06 Dec 2006 16:36:48 -0500 - From: "John E. Malmberg" <wb8tyw@qsl.network> A Subject: Re: New location for GNV compatible .PCSI$COMPRESS kits. ; Message-ID: <cpOdnW6JSpmWperYnZ2dnUVZ_h6dnZ2d@adelphia.com>     Peter 'EPLAN' LANGSTOEGER wrote:= > In article <urudnTqSirPmb-zYnZ2dnUVZ_o6dnZ2d@adelphia.com>, 3  >> "John E. Malmberg" <wb8tyw@qsl.network> writes:  > H >>The PCSI$COMPRESSED kits for the following packages have been moved to >>  >>  ftp://encompasserve.org/gnv/ >>D >>    jpeg 6.0b           jem-axpvms-jpeg-v0600-0b-1.pcsi_compressedF >>    libpng 1.2-13       jem-axpvms-libpng-v0102-13-1.pcsi_compressedH >>    libxrender 0.9      jem-axpvms-libxrender-v0009--1.pcsi_compressedJ >>    pkgconfig 0.21      jem-axpvms-pkgconfig-v0021-0e1-1.pcsi_compressedC >>    tiff 3.8.2          jem-axpvms-tiff-v0308-2-1.pcsi_compressed C >>    zlib 1.2.3          jem-axpvms-zlib-v0102-3-1.pcsi_compressed D >>    renderext 0.9       jem-vms-renderext-v0009--1.pcsi_compressed >>K >>You may need to rename the extension to .pcsi$compress after downloading  J >>the file.  As Encompasserve.org uses multinet, dollar signs are causing C >>a change in case in the name displayed and also making the files  8 >>inaccessible.  I renamed the files to get around this.  J > Never ever offer vanilla .PCSI or .PCSI$COMPRESSED files for downloadingN > via web (or FTP). Use always a packaged format. I strongly recommend ZIPSFX.  ? .ZIP files for these packages are now in the /gnv directory on  9 encompasserve.org.  UNZIP on an OpenVMS system of course.    -John  wb8tyw@qsl.network Personal Opinion Only    ------------------------------   Date: 6 Dec 2006 15:30:55 -0500 > From: colonel@monmouth.com (The National Folk Hero of the Net)( Subject: public-key ssh out of VMS 7.3-1- Message-ID: <el799v$p6d$1@shell.monmouth.com>   ? I've loaded our OpenVMS system with the latest patch for TCPIP. = Public-key SSH into VMS is working perfectly, except that our > Unix systems get confused when they find DCL at the other end.  : Now I'm trying to use public-key SSH out of VMS.  SSH_SSH2? recognizes the private key format and is willing to use public- < key authentication.  But it demands a passphrase!  If I give> it the empty one, it falls back on interactive authentication.  ; I generated the pair of 1024-bit RSA keys on a Linux system A with an empty passphrase.  Why does SSH_SSH2 demand a passphrase?   = Even if I add a non-empty passphrase to the key and use that, 8 SSH_SSH2 still falls back on interactive authentication.  , Here is what my private-key file looks like:  + 	---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ---- A 	MIICWwIBAAKBgQC6tPN/TQEMoLBLGB95h0/U95csT/CYyptrOxdG5TetVdOnU7il   	[... several lines omitted ...]- 	kbcNt3ka2OC2wPzx42C3Y8jztPKixUtdv6Ze3RJ0Sg== ) 	---- END SSH2 ENCRYPTED PRIVATE KEY ----   F The WWW seems to have little about the problem.  So far as I can tell,D if the passphrase in the private key is empty, SSH should not prompt you for the passphrase.    -:-  	            . . . Fox spot, 	Kentucky Fried Fox, Red Fox,  	why the hell not?  2 		--John Kinsella, "Sanctus, Sanctum: A Love Poem"   --   Col. G. L. Sicherman home: colonel@mail.monmouth.com  work: sicherman@att.com ( web: <http://www.monmouth.com/~colonel/>   ------------------------------  * Date: Wed, 6 Dec 2006 15:41:48 -0600 (CST)* From: sms@antinode.org (Steven M. Schweda), Subject: Re: public-key ssh out of VMS 7.3-12 Message-ID: <06120615414870_2020028F@antinode.org>  > From: colonel@monmouth.com (The National Folk Hero of the Net)  A > I've loaded our OpenVMS system with the latest patch for TCPIP.   G    I find the output from "TCPIP SHOW VERSION" and 'SSH "-V"' generally 4 more useful than vague descriptions (like "latest").  < > Now I'm trying to use public-key SSH out of VMS.  SSH_SSH2A > recognizes the private key format and is willing to use public- > > key authentication.  But it demands a passphrase!  If I give@ > it the empty one, it falls back on interactive authentication.  B    Who is "SSH_SSH2"?  Output resulting from adding "-v" to an SSHF command could reveal something, such as which key file you're actually using.  H ------------------------------------------------------------------------  3    Steven M. Schweda               sms@antinode-org 4    382 South Warwick Street        (+1) 651-699-9818    Saint Paul  MN  55105-2547    ------------------------------   Date: 6 Dec 2006 10:57:22 -0800 $ From: "AEF" <spamsink2001@yahoo.com>" Subject: Re: recursive copy in VMSB Message-ID: <1165431442.259664.229210@80g2000cwy.googlegroups.com>   Bob Koehler wrote:d > In article <sejdn2hj61rum7fa8k7oel7snksbbclqri@4ax.com>, jls <jeffls-nospam@sbcglobal.net> writes: > >  > > So then, what happens if:  > > + > > 1.  he copies file X to the VMS system. & > > 2.  Along the way it gets deleted.7 > > 3.  The VMS disk fails and is restored from backup. % > > 4.  He finds that he needs file X  > F >    Just like when I do BACKUPs, I never do step 2.  Normally routineE >    backups are to ensure there is a second copy of the file, not to  >    delete them.  > D >    And I've done what the OP is doing for years from a Mac withoutG >    ever having a mysterious deletion of the original file on the Mac.   C I actually saw something very similar to (2.) happen way back in my G graduate student days. A user whose name starts with Z lost some files, A including a large FORTRAN file because the system manager "moved" G everyone's files from one disk to another and it turned out the last so E many files didn't make it due to lack of space or some other reason I F can't recall. Of course the user, even after having been urged to backF up his own personal files (as all of us were), failed to do so and the7 large FORTRAN program had to be rewritten from scratch.   J >    But if you have a file so precious that you need three, four, or evenG >    more copies before you can be sure you can restore it, then by all / >    means consider not doing what the OP does.    AEF    ------------------------------  % Date: Thu, 07 Dec 2006 01:28:45 +0100 / From: Paul Sture <paul.sture.nospam@hispeed.ch> " Subject: Re: recursive copy in VMSJ Message-ID: <paul.sture.nospam-98D664.01284507122006@mac.sture.homeip.net>  G In article <871wndwndk.fsf@k9.prep.synonet.com>, prep@prep.synonet.com   wrote:  ? > koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes:  > H > >> You are aware that you will get those files restored but with a bigF > >> load of zero as content? So they will LOOK ok, but be useless for: > >> anything except getting you to delete the other copy. >    > >> This is NOT a good idea!  > D > >    I think that's exactly what he wants.  He's satisfied that heF > >    won't lose his Mac's disk and his VMS system's disk at the sameF > >    time, just like I'm satisfied that I won't lose my VMS systems'5 > >    disks and their tape backups at the same time.  > G > MAny years ago, two of us installed 4.0 onto a pair of 750s. The unit > > manager was insistant that we not back it up first as it wasF > unnessisary.  And at 5pm he vanished, and the tape accedentally leftF > in the drive started spinning. As did several more, and all vanished > into the bottom of a draw.  B Yeah, I once had a manager insist that backups were unnecessary...  G > Next day, ASTRIX and OBLIX where happily humming along. He loged into E > one, look through his stuff, log out, logged into the other one and D > !eh! there is a second copy of all my files, I'll tidy them up and > delete them. And he did.   > # > "Backup? You said not to do one."   B Then there was the arrogant salesman putting demo software on our D system, so paranoid that we might steal it that he had to delete it # before we went to lunch. Snigger...   A > We had to pull the plug on it anyway, due to the 4.0 stale data C > problem, and waited a few days before `someone' discovered an old  > tape.    :-)    --  
 Paul Sture   ------------------------------  % Date: Wed, 06 Dec 2006 14:10:48 -0800 * From: "Tom Linden" <tom@kednos-remove.com> Subject: SSH Attacks) Message-ID: <op.tj5rwasitte90l@hyrrokkin>   A Occasionally I see intrusion attempts via ssh.  Knowing the IP of @ offender is there a way to prevent him from trying to log in?  A teergrube would be great!    --  E Using Opera's revolutionary e-mail client: http://www.opera.com/mail/    ------------------------------  * Date: Wed, 6 Dec 2006 16:24:36 -0600 (CST)* From: sms@antinode.org (Steven M. Schweda) Subject: Re: SSH Attacks2 Message-ID: <06120616243644_2020028F@antinode.org>  * From: "Tom Linden" <tom@kednos-remove.com>  C > Occasionally I see intrusion attempts via ssh.  Knowing the IP of B > offender is there a way to prevent him from trying to log in?  A > teergrube would be great!   E    Occasionally?  I get them almost every day.  Often more than one.  F Cooperative Windows systems, I suppose.  Assuming TCPIP, you can block up to 32 individual hosts:   TCPIP 0 SET SERVICE SSH /REJECT = HOSTS = offending_host   Then (probably):   DISABLE SERVICE SSH  ENABLE SERVICE SSH  H    I normally send the relevant output from ANAL /AUDI to the ISP, whichF seems to work in most cases.  When it doesn't, I block the address, as shown above.   ALP $ tcpip show version  ;   HP TCP/IP Services for OpenVMS Alpha Version V5.4 - ECO 6 D   on a COMPAQ Professional Workstation XP1000 running OpenVMS V7.3-2  H ------------------------------------------------------------------------  3    Steven M. Schweda               sms@antinode-org 4    382 South Warwick Street        (+1) 651-699-9818    Saint Paul  MN  55105-2547    ------------------------------  * Date: Wed, 6 Dec 2006 23:48:46 +0000 (UTC)7 From: moroney@world.std.spaamtrap.com (Michael Moroney)  Subject: Re: SSH Attacks( Message-ID: <el7ksu$q9f$1@pcls4.std.com>  , "Tom Linden" <tom@kednos-remove.com> writes:   >> TCPIP7 >> SET SERVICE SSH /REJECT =3D HOSTS =3D offending_host  >> >> Then (probably):  >> >> DISABLE SERVICE SSH >> ENABLE SERVICE SSH   0 >Still a Teergrube would tie up their resources.  H I wrote a teergrube for VMS (actually significantly modified an existingJ Linux one) a few years ago.  It seems that the crapware of the time eitherG didn't understand the unexpected response it gave it, or would give up  G after a short period of time anyway.  Either way, it didn't seem to tie 
 them up much.    ------------------------------  $ Date: Wed, 6 Dec 2006 19:48:42 -05003 From: "Peter Weaver" <info-vax@weaverconsulting.ca>  Subject: Re: SSH Attacks6 Message-ID: <016b01c71999$721f40d0$2802a8c0@CHARONVAX>  C > Occasionally I see intrusion attempts via ssh.  Knowing the IP of B > offender is there a way to prevent him from trying to log in?  A > teergrube would be great!   > What I do is modify sys$system:tcpip$ssh_run.com so it does a M PURGE/KEEP=1000 instead of the purge it does based on the number of nodes in  K the cluster. Then I modified TCPIP$SSH_HOME:LOGIN.COM to mail me a message;   . $ sysrem_node := "''f$trnlnm("SYS$REM_NODE")'" $ mail nl: myusername/subject=- 1   "Someone logging into SSH! from ''sysrem_node'"   M If the attack is happening while I am watching then I just let them carry on  C but I watch the .LOG files to me sure they are trying root, admin,  L webmaster... If I am too busy to be amused then I use UCX SET COMMUNICATION - /REJECT=HOST=ip. Once they give up then I do;    $ whois /out=xx.xx 'p1' - $ search *.log;* /win=(0,1)/stat/out=x.x 'p1'  $ search xx.xx "@"  H and mail x.x to whoever the abuse address in xx.xx points to. The WHOIS L program is the one that JF wrote. If you are on a version of UCX before 5.6 # then the /WIN should be /WIN=(0,3).    Peter Weaver www.weaverconsulting.ca 9 CHARON-VAX  CHARON-AXP DataStream Reflection PreciseMail     ------------------------------   Date: 6 Dec 2006 16:42:11 -0800 $ From: "roger" <rogerntucker@msn.com> Subject: Re: Who called me? B Message-ID: <1165452131.126862.104430@80g2000cwy.googlegroups.com>  E I'm trying to do the samething, but not having much luck either.  I'm  on alpha VMS 7.3-2.   , tbk$show_traceback needs the FP, SP, and PC.6 I'm having difficuilty figuring out how to get theses.  < In my routine, I call lib$get_curr_invo_context(), then call@ lib$get_prev_invo_context() to get my caller's frame.  I want to; produce a stack dump from the frame that called me.  I used E libicb$q_program_counter for the PC, libicb$q_ireg[29] for the FP and G libicb$q_ireg[30] for the SP, but don't get an accurate dump.  It looks G like it's trying but not correct.  It would sure be easier if we had an G example that produced a dump from the current or the caller's location.     Any ideas?  I'm I getting close?  @ Also, instead of linking with TRACE.EXE you can just dynamically? activate it using lib$find_image_symbol(); this is how I do it.    ------------------------------   End of INFO-VAX 2006.672 ************************