Previous | Contents |
Problem:
During a forced password change, the SSH server does not perform weak password checking or system-dictionary checking on the proposed new password.
Solution:
This problem is corrected in this release.
4.21.57 SSH login via public key authentication may fail
Problem:
Although the expired password is not used, an SSH login via public key authentication may fail, if the target user has the DISFORCE_PWD_CHANGE flag set or improperly set the PWD_EXPIRED or PWD_EXPIRED2 flag.
Solution:
This problem is corrected in this release.
4.21.58 LCD command in SFTP fails with "CD failed"
Problem:
The LCD command in SFTP fails with a CD failed error if not connected to a remote SFTP server, although it should have been possible to change the local directory. Also, the CD command returns the same error when an OpenVMS-style directory specification is used while connecting to a non-OpenVMS server.
Solution:
This problem is corrected in this release.
4.21.59 error and command messages to stderr (SYS$ERROR) and stdout (SYS$OUTPUT)
Problem:
The SFTP client fails to properly direct error and command messages to stderr (SYS$ERROR) and stdout (SYS$OUTPUT) as appropriate.
Solution:
This problem is corrected in this release.
4.21.60 Data appears to be truncated on the remote end
Problem:
The SFTP and SCP utilities are not properly 'put'ing fixed record format files to non-VMS systems. The data appears to be truncated on the remote end.
Solution:
This problem is corrected in this release.
4.21.61 Spurious debug messages at the end of an SFTP log file
Problem:
Spurious debug messages appear at the end of an SFTP log file.
Solution:
This problem is corrected in this release.
4.21.62 Authentication failure when trying to connect to HP ProLiant iLO mpSSH Server
Problem:
Authentication fails when attempting to use the OpenVMS SSH client to connect to an HP ProLiant iLO mpSSH Server.
Solution:
This problem is corrected in this release.
4.21.63 Only the first 3 IdKeys are processed
Problem:
When using SSH with public key authentication, only the first 3 IdKeys are processed from the IDENTIFICATION file.
Solution:
This problem is corrected in this release.
4.21.64 lcd to logical name specification restrictions
Problem:
Warning: chdir(/sys$login/./tmp) errno = 2 PWD failed. |
Solution:
This problem is corrected in this release.
4.21.65 Port forwarding fails if ResolveClientHostName is set to 'no'
Problem:
SSH port forwarding fails if the SSHD2_CONFIG. option ResolveClientHostName is set to 'no'.
Solution:
This problem is corrected in this release.
4.21.66 Transferring large number of files using SFTP
Problem:
Transferring a very large number of files using SFTP can result in a memory allocation error and displays the following error:
"Not enough memory" or TCPIP-F-SSH_ALLOC_ERROR) due to a memory leak. |
Solution:
This problem is corrected in this release.
4.21.67 SSH connection requests are handled as NETWORK access
Problem:
All the various types of SSH connection requests (For example, SSH interactive sessions, single command mode, SFTP) are handled as NETWORK access, instead of differentiating by session type.
Solution:
This problem is corrected in this release.
4.21.68 UAF account expiry is not notified
Problem:
If an UAF account has "expired", SSH does not properly notify the user. It also logs an inappropriate intrusion record when a valid but expired password is presented.
Solution:
This problem is corrected in this release.
4.21.69 Characters from extended character set are allowed
Problem:
Although, the UAF flag PWDMIX is not set, SSH allows characters from the extended character set to be used when creating a password during an expired password change event.
Solution:
This problem is corrected in this release.
4.21.70 Accessing files via SFTP causes excessive Security alarms
Problem:
Accessing files via SFTP causes excessive Security alarms in the Audit log complaining that EXECUTE access is required for the SYSUAF.DAT file.
Solution:
This problem is corrected in this release.
4.21.71 SYS$ANNOUNCE message displayed after login
Problem:
The SYS$ANNOUNCE message is displayed after login, and display of the SYS$WELCOME message is not implemented.
Solution:
This problem is corrected in this release.
4.21.72 "ls -l" and the "rename" command with wildcards fails
Problem:
Using the SFTP ls -l and the rename command with wildcards (*) fails when the specified name was a directory.
Solution:
This problem is corrected in this release.
4.21.73 Opening a second Tectia SSH client
Problem:
Attempts to open a second Tectia SSH client session may result in both sessions getting disconnected.
Solution:
This problem is corrected in this release.
4.21.74 Server process crashes while listing files
Problem:
The SFTP Server process crashes while listing files, if any one the listed file owner name is equal to greater than the OpenVMS maximum allowable length, that is, 12 characters.
Solution:
This problem is corrected in this release.
4.22 SYSCONFIG problems fixed in this release
The following section describes SYSCONFIG problems fixed in this
release.
4.22.1 Sysconfigdb generates incorrect error message
Problem:
The sysconfigdb command generates a %SYSTEM-F-SSFAIL, system service failure exception instead of exiting gracefully upon detecting an error.
Solution:
This problem is corrected in this release.
4.23 TCPDUMP problems fixed in this release
The following section describes TCPDUMP problems fixed in this release.
4.23.1 TCPDUMP exits with a success status when invalid arguments are passed
Problem:
Although, invalid command line arguments are passed, TCPDUMP may exit with a success status. It must exit with something more descriptive, such as %SYSTEM-E-ABORT (condition code 42).
Solution:
This problem is corrected in this release.
4.24 TELNET problems fixed in this release
The following section describes TELNET problems fixed in this release.
4.24.1 Arbitrary characters received on the TELNET server
Problem:
Arbitrary characters are received on TELNET server when used in binary mode.
Solution:
This problem is fixed in this release.
4.24.2 Quoted character gets dropped
Problem:
Binary telnet session occasionally drops quoted character.
Solution:
This problem is corrected in this release.
4.24.3 User authorization failure
Problem:
When you establish a telnet session in a binary mode to an OpenVMSvms host by entering Ctrl-U+Username followed by Ctrl-U+password, it results in a user authorization failure.
Solution:
This problem is corrected in this release.
4.24.4 Destination address is not set correctly
Problem:
The destination address associated with an outbound TN device is not always set correctly.
Solution:
This problem is corrected in this release.
4.24.5 Allocating a freshly-created outbound TN device
Problem:
Allocating a freshly-created outbound TN device is not possible because the device is initially marked as mounted. The message SYSTEM-F-DEVMOUNT, device is already mounted may result from an attempt to use the DCL ALLOCATE command.
Solution:
This problem is corrected in this release.
4.24.6 "INVEXCEPTN @SMP$ACQUIRE_C + 00034" error displayed
Problem:
The system crashes with the following message:
INVEXCEPTN @SMP$ACQUIRE_C + 00034. |
Solution:
This problem is corrected in this release.
4.24.7 Logins blocked after the seed for TN devices exceeding 9999
Problem:
Further logins are blocked after the seed for TN devices exceeds 9999.
Solution:
This problem is corrected in this release.
4.24.8 TN3270 users receive an error message
Problem:
TN3270 users receive an error message while attempting to load the translation table file.
Solution:
This problem is corrected in this release.
4.24.9 OpenVMS telnet client echoes the password
Problem:
OpenVMS telnet client echoes the password, when you try to login to a Linux busybox telnet server from an OpenVMS system.
Solution:
This problem is corrected in this release.
4.25 TFTP probelms fixed in this release
The following section describes TFTP problems fixed in this release.
4.25.1 TFTP server randomly exits in between a file transfer
Problem:
To boot diskless systems, the TFTP server is used to fetch the boot files from the server. When an OpenVMS system tries to boot by first fetching the files from the TFTP server, it works as expected. But when this same operation is performed by multiple systems, random failures are observed in the file transfer.
Solution:
This problem is corrected in this release.
4.26 User Control Program problems fixed in this release
The following section describes User Control Program problems fixed in
this release.
4.26.1 Enabling the 128th service using CONFIG ENABLE SERVICE
Problem:
A maximum of 127 new services can be created using TCPIP> CONFIG ENABLE SERVICE On enabling the 128th service, the following error message is displayed:
%TCPIP-E-CONFIGERROR, error processing configuration request %TCPIP-E-TOOMANYSERV, database already has maximum number of |
Solution:
This problem is fixed in this release.
4.26.2 Entering a long domain name may trigger a failure while configuring TCPIP
Problem:
While executing TCPIP$CONFIG.COM in an attempt to initially configure TCPIP, entering a very long domain name may trigger a failure, making it impossible to configure the system. The underlying cause was a failing TCPIP SHOW CONFIGURATION COMMUNICATION /OUTPUT=filename command, which had an 80-character line length limitation.
Solution:
This problem is corrected in this release.
4.26.3 TCPIP SHOW COMMUNICATION truncates its output
Problem:
The TCPIP SHOW COMMUNICATION command truncates its output when the domain name is more than 29 characters long.
Solution:
This problem is corrected in this release.
4.26.4 SET NAME_SERVICE /INITIALIZE /CLUSTER fails to find TCPIP$BIND_RUNNING_*.DAT;*
Problem:
The SET NAME_SERVICE /INITIALIZE /CLUSTER command attempts to find the file TCPIP$BIND_RUNNING_*.DAT;* but fails because the semantics of the TCPIP$BIND_COMMON logical name have changed.
Solution:
This problem is corrected in this release.
4.26.5 TCPIP SHOW DEVICE_SOCKET output is not properly formatted
Problem:
When used with the DCL command PIPE , the output from a TCPIP SHOW DEVICE_SOCKET command is not properly formatted.
Solution:
This problem is corrected in this release.
This chapter describes updates to the information in the TCP/IP Services product documentation.
This information will be supplied in the final release of TCP/IP Services.
5.1 Documentation Not Being Updated for This Release
The following manuals are not updated for TCP/IP Services Version 5.7. Documentation changes planned for these manuals are indicated:
The following section describes the documentation updates and errata for TCP/IP documentation set:
$ TCPIP SET SERVICE LPD /LOG=option $ REPLY /ENABLE=OPCOM |
$ TCPIP SET SERVICE LPD /LOG=option $ REPLY /ENABLE=NETWORK |
% ssh_keygen -e -f public-key > openvms-format-public-key |
This appendix illustrates how to configure LPD/LPR jobs from a local
host to a remote system.
A.1 Configuring LPD job from local host to the remote system
The print jobs must be submitted from local host, "HOSTA", to the remote system, "HOSTB".
To configure the LPD jobs from a local host to the remote system, where the LPD server is not listening on default port (515), complete the following steps:
LOOP_BOGUS_P_1|loop_bogus_p_1:\ :lf=/TCPIP$LPD_ROOT/000000/LOOP_BOGUS_P_1.LOG:\ :lp=LOOP_BOGUS_P_1:\ :rm=hostb.hp.com:\ :rp=bogus_p_1:\ :rt=1234:\ :sd=/TCPIP$LPD_ROOT/LOOP_BOGUS_P_1: |
The print jobs are submitted from "HOSTA" to the remote system, "HOSTB". The LPD receiver is running on HOSTB listening to default port or any other configured port. The encrypting SSH tunnel is established between HOSTA's port (rt) and HOSTB's port on which the LPD receiver is listening.
To configure LPD jobs from a local host to a remote system over the SSH tunnel, complete the following steps:
LOOP_BOGUS_P_1|loop_bogus_p_1:\ :lf=/TCPIP$LPD_ROOT/000000/LOOP_BOGUS_P_1.LOG:\ :lp=LOOP_BOGUS_P_1:\ :rm=localhost:\ :rp=bogus_p_1:\ :rt=1234:\ :sd=/TCPIP$LPD_ROOT/LOOP_BOGUS_P_1: |
SSH -"L"1234:localhost:515 hostb.hp.com |
Previous | Contents | Contents |