SSH server for OpenVMS

The SSH (Secure SHell) protocol uses encrypted network (TCP/IP) connections
to allow remote client machines to access a server machine securely. Via
SSH the client may execute commands on the server machine, login via a
pseudo-terminal, create a proxy X11 server, or tunnel other TCP/IP
connections over the secure connection. The SSH server for OpenVMS allows
SSH clients to connect to OpenVMS systems.

The SSH 1.5 protocol is used by OpenVMS SSH server, it does not currently
support the new SSH 2.0 protocol.

Requirements

        o OpenVMS 6.2 or higher.
        o DECC compiler 5.4 or higher (no provisions made for VAX C
          compatibility)
        o DEC TCP/IP Services for OpenVMS (UCX) or other TCP/IP package
          (Multinet) with UCX emulation.
        o SSLeay 0.8.1 with patch to support RSA_NO_PADDING encryption
          applied.
          (Note: RSAREF option DOES NOT WORK, you must build SSLeay without
          it)

Distribution

     The server software is distributed as a ZIP file, ssh_server_nnn.zip,
     where nnn is the release version. This zip file contains the C
     sources, MMS description files, command procedures and other files
     necessary to build the executable images.

Installation

     Since the SSH server performs system-level services, it must be run by
     the SYSTEM account or other privileged account. The installation
     checklist includes items such as changing your system startup and
     global login procedures. Most aspects of the server's operation are
     controlled by a parameter file that must be customized to each
     installation.

Restrictions

        o UCX 4.1 requires eco 7 or higher to fix bugs in non-blocking
          socket support
        o The sethost_ssh client program is provided to aid in server
          testing only.
        o Ciphers supported: none, idea, des, 3des, RC4, and blowfish>
        o The only authentication types supported are password and RSA
        o X11 port forwarding is supported but has serious security
          considerations. Any logged in VMS user may connect to the X11
          server being proxied through the SSH connection.
        o General port forwarding is not supported

  ------------------------------------------------------------------------
David Jones, Ohio State University