On 8/29/2024 6:42 PM, Duncan Brown wrote:

I'm getting my encompasserve renewal notices. I'm getting my
PreciseMail emails. But I can't ssh to encompasserve.org, www.encompasserve.org doesn't respond. Has it just been too long and
I'm forgetting how this works?! (I tried eisner.decus.org and
various other combinations too, with no better luck.)

SSH goes sideways sometimes.

Hunter Goatley likely needs to reboot the system; Process Software is now hosting EISNER.

--
-- Rob

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

I'm getting my encompasserve renewal notices. I'm getting my
PreciseMail emails. But I can't ssh to encompasserve.org, www.encompasserve.org doesn't respond. Has it just been too long and
I'm forgetting how this works?! (I tried eisner.decus.org and various
other combinations too, with no better luck.)

Duncan

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 8/29/2024 6:38 PM, Mark Daniel wrote:

On 30/8/2024 08:12, Duncan Brown wrote:

I'm getting my encompasserve renewal notices.  I'm getting my
PreciseMail emails.  But I can't ssh to encompasserve.org,
www.encompasserve.org doesn't respond.  Has it just been too long and
I'm forgetting how this works?!  (I tried eisner.decus.org and various
other combinations too, with no better luck.)

Duncan

https://eisner.decus.org/online/ssh

Ah, the port number change was it - thanks!

Duncan

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 30/8/2024 08:12, Duncan Brown wrote:

I'm getting my encompasserve renewal notices.  I'm getting my
PreciseMail emails.  But I can't ssh to encompasserve.org, www.encompasserve.org doesn't respond.  Has it just been too long and
I'm forgetting how this works?!  (I tried eisner.decus.org and various
other combinations too, with no better luck.)

Duncan

https://eisner.decus.org/online/ssh

--
Anyone, who using social-media, forms an opinion regarding anything
other than the relative cuteness of this or that puppy-dog, needs
seriously to examine their critical thinking.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-08-29 22:42:47 +0000, Duncan Brown said:

I'm getting my encompasserve renewal notices. I'm getting my
PreciseMail emails. But I can't ssh to encompasserve.org, www.encompasserve.org doesn't respond. Has it just been too long and
I'm forgetting how this works?! (I tried eisner.decus.org and various
other combinations too, with no better luck.)

ssh is refusing to chat.

"ssh: connect to host eisner.decus.org port 22867: Connection refused"

Not sure if the stress should be on the first syllable of "refused"
there, or on the second. 😉

--
Pure Personal Opinion | HoffmanLabs LLC

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 30/8/2024 09:33, Stephen Hoffman wrote:

On 2024-08-29 22:42:47 +0000, Duncan Brown said:

I'm getting my encompasserve renewal notices.  I'm getting my
PreciseMail emails.  But I can't ssh to encompasserve.org,
www.encompasserve.org doesn't respond.  Has it just been too long and
I'm forgetting how this works?!  (I tried eisner.decus.org and various
other combinations too, with no better luck.)

ssh is refusing to chat.

"ssh: connect to host eisner.decus.org port 22867: Connection refused"

Not sure if the stress should be on the first syllable of "refused"
there, or on the second. 😉

% ssh -p 22867 -l ******** eisner.decus.org

N O T I C E

This is DECUServe. Access is for subscribed individuals only.

8< snip 8<

********@eisner.decus.org's password:

Last interactive login on Thursday, 29-AUG-2024 20:08:52.29
Last non-interactive login on Thursday, 29-AUG-2024 20:00:43.55

EISNER$

--
Anyone, who using social-media, forms an opinion regarding anything
other than the relative cuteness of this or that puppy-dog, needs
seriously to examine their critical thinking.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 29 Aug 2024 20:03:23 -0400, Stephen Hoffman wrote:

On 2024-08-29 22:42:47 +0000, Duncan Brown said:

I'm getting my encompasserve renewal notices. I'm getting my
PreciseMail emails. But I can't ssh to encompasserve.org,
www.encompasserve.org doesn't respond. Has it just been too long and
I'm forgetting how this works?! (I tried eisner.decus.org and various
other combinations too, with no better luck.)

ssh is refusing to chat.

"ssh: connect to host eisner.decus.org port 22867: Connection refused"

Not sure if the stress should be on the first syllable of "refused"
there, or on the second. 😉

“Connection refused” is the usual message you get if there is no server listening on that port.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 29 Aug 2024 18:56:56 -0500, Duncan Brown wrote:

Ah, the port number change was it - thanks!

Is there an equivalent of ~/.ssh/config? This allows you to conveniently
set up aliases for your commonly-used SSH destinations, with custom
settings for each like the port number to use (if not 22), maybe a
different name to use for saving/checking the host key, and perhaps some
port forwards for accessing other services.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 2024-08-29 at 19:01 -0400, Robert A. Brooks wrote:

Hunter Goatley likely needs to reboot the system; Process Software is
now hosting EISNER.

BLASPHEMY!

Isn't it enough to restart SSHD?

--
Tactical Nuclear Kittens

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-08-30 18:57:12 +0000, Hunter Goatley said:

AFAIK, EISNER has been available this entire time (once you use the
correct port). Is anyone (still) having problems connecting?

macOS 13.6.9; Ventura current.

% # default ssh attempt, on the variant port
% ssh -p 22867 -vvv myremoteuser@eisner.decus.org
OpenSSH_9.0p1, LibreSSL 3.3.6
debug1: Reading configuration data /Users/mylocaluser/.ssh/config
debug1: /Users/hoffman/.ssh/config line 20: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/*
matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/Users/mylocaluser/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/Users/mylocaluser/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling debug1: Connecting to eisner.decus.org port 22867.
ssh: connect to host eisner.decus.org port 22867: Connection refused
%
% # ssh with the backward-compatibility options selected:
% ssh -p 22867 -vvv -o HostKeyAlgorithms=ssh-rsa,ssh-dss -o KexAlgorithms=diffie-hellman-group1-sha1 -o Ciphers=aes128-cbc,3des-cbc
-o MACs=hmac-md5,hmac-sha1 myremoteuser@eisner.decus.org
OpenSSH_9.0p1, LibreSSL 3.3.6
... [same sequence]
%
% # default connection, but with no certificates used
% ssh -o PubkeyAuthentication=no -o PreferredAuthentications=password
-p 22867 myremoteuser@eisner.decus.org
ssh: connect to host eisner.decus.org port 22867: Connection refused
%
% # and this included because "it's always DNS":
% dig +short eisner.decus.org
192.42.95.250
% dig +short @8.8.8.8 eisner.decus.org
192.42.95.250
% dig +short -x 192.42.95.250
eisner.decus.org.
% dig +short @8.8.8.8 -x 192.42.95.250
eisner.decus.org.
%
% # That all seems to be a consistently-referenced IPv4 A record.
%
% # Seems the other decuserve DNS is still tangled with HP/HPE, which
is why I've been using the eisner.decus.org name:
% dig +short @8.8.8.8 decuserve.org
15.197.225.128
3.33.251.168
%


I'd initially suspect something has been upgraded within the local
macOS 13.6.9 OpenSSH ssh client, and it's again become incompatible
with OpenVMS ssh. Still digging.



--
Pure Personal Opinion | HoffmanLabs LLC

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

I don't know if this helps any. I make a successful connection. I have an older version of Open SSH 8.6p1 vs 9.0p1

For some of my older OpenVMS systems I do have to specify specific algorithms.

Host asimov
HostName asimov.xxxxxxxx.xxx
KexAlgorithms +diffie-hellman-group1-sha1
HostKeyAlgorithms +ssh-dss
Ciphers aes128-cbc

But nothing special for eisner

Host eisner
HostName eisner.decus.org
Port 22867
User reinhardt


--
John H. Reinhardt


macOS Monterey 12.7.5

galadriel:~ jhreinhardt$ cat ~/.ssh/config
IPQoS=throughput

galadriel:~ jhreinhardt$ ssh -vvv eisner
OpenSSH_8.6p1, LibreSSL 3.3.6
debug1: Reading configuration data /Volumes/Users/jhreinhardt/.ssh/config debug3: kex names ok: [diffie-hellman-group1-sha1]
debug3: kex names ok: [diffie-hellman-group1-sha1]
debug3: kex names ok: [diffie-hellman-group1-sha1]
debug3: kex names ok: [diffie-hellman-group1-sha1]
debug1: /Volumes/Users/jhreinhardt/.ssh/config line 63: Applying options for eisner
debug3: kex names ok: [diffie-hellman-group1-sha1]
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/Volumes/Users/jhreinhardt/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/Volumes/Users/jhreinhardt/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling debug1: Connecting to eisner.decus.org port 22867.
debug1: Connection established.
debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_rsa type 0
debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_rsa-cert type -1 debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_dsa type -1
debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_dsa-cert type -1 debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_ecdsa type -1
debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_ecdsa-cert type -1 debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_ecdsa_sk type -1 debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_ed25519 type 3
debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_ed25519-cert type -1 debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_ed25519_sk type -1 debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_xmss type -1
debug1: identity file /Volumes/Users/jhreinhardt/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.6
debug1: Remote protocol version 2.0, remote software version 6.1.5.0 Process Software SSH MultiNet
debug1: compat_banner: no match: 6.1.5.0 Process Software SSH MultiNet
debug3: fd 5 is O_NONBLOCK
debug1: Authenticating to eisner.decus.org:22867 as 'reinhardt'
debug3: put_host_port: [eisner.decus.org]:22867
debug3: record_hostkey: found key type ECDSA in file /Volumes/Users/jhreinhardt/.ssh/known_hosts:45
debug3: load_hostkeys_file: loaded 1 keys from [eisner.decus.org]:22867
debug1: load_hostkeys: fopen /Volumes/Users/jhreinhardt/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp256
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,
ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp256,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-
nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,
rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256,ssh-rsa
debug2: ciphers ctos: aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-ctr,aes128-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,3des-ctr,3des-cbc,blowfish-ctr,blowfish-cbc
debug2: ciphers stoc: aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-ctr,aes128-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,3des-ctr,3des-cbc,blowfish-ctr,blowfish-cbc
debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5
debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5
debug2: compression ctos: none,zlib
debug2: compression stoc: none,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:JoHpRctiSnlBJVPRnkRBoys7CcdyNa8zRL2g+A21ePw
debug3: put_host_port: [192.42.95.250]:22867
debug3: put_host_port: [eisner.decus.org]:22867
debug3: record_hostkey: found key type ECDSA in file /Volumes/Users/jhreinhardt/.ssh/known_hosts:45
debug3: load_hostkeys_file: loaded 1 keys from [eisner.decus.org]:22867
debug1: load_hostkeys: fopen /Volumes/Users/jhreinhardt/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host '[eisner.decus.org]:22867' is known and matches the ECDSA host key.
debug1: Found key in /Volumes/Users/jhreinhardt/.ssh/known_hosts:45
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 4294967296 blocks
debug1: Will attempt key: /Volumes/Users/jhreinhardt/.ssh/id_rsa RSA SHA256:R9Rne4rNkESc45iYCM6JUCcU5cwpYLj9TFJh6MDsdQ0 agent
debug1: Will attempt key: /Volumes/Users/jhreinhardt/.ssh/id_dsa
debug1: Will attempt key: /Volumes/Users/jhreinhardt/.ssh/id_ecdsa
debug1: Will attempt key: /Volumes/Users/jhreinhardt/.ssh/id_ecdsa_sk
debug1: Will attempt key: /Volumes/Users/jhreinhardt/.ssh/id_ed25519 ED25519 SHA256:0adBmFKAT+fVMALa/Q26r0Q247eswxd968I509JMUAY
debug1: Will attempt key: /Volumes/Users/jhreinhardt/.ssh/id_ed25519_sk
debug1: Will attempt key: /Volumes/Users/jhreinhardt/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 2
debug3: Received SSH2_MSG_IGNORE
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 2
debug3: Received SSH2_MSG_IGNORE
debug3: receive packet: type 53
debug3: input_userauth_banner: entering

N O T I C E

This is DECUServe. Access is for subscribed individuals only.

o By logging into the system you agree to abide by the DECUServe
Canons of Conduct.

o Source code or any other information posted on this system is not
warranted in any way. YOU USE IT AT YOUR OWN RISK.

o If you submit source code to or post information on this system, you
must allow its unrestricted use. You must have the right to grant
such permission.

o Refer to the DECUServe Canons of Conduct, posted in the
DECUServe_Information conference topic 4.3, for further guidance.

o Report problems in DECUServe_Forum.

o DECUServe is running VSI OpenVMS on vtAlpha, hosted by Process Software

For information about DECUServe please login under -> Username INFORMATION
To subscribe to DECUServe please login under -> Username REGISTRATION
To report any form of a problem please login under -> Username PROBLEMS
To renew an Expired account please login under -> Username REGISTRATION

debug3: receive packet: type 2
debug3: Received SSH2_MSG_IGNORE
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /Volumes/Users/jhreinhardt/.ssh/id_rsa RSA SHA256:R9Rne4rNkESc45iYCM6JUCcU5cwpYLj9TFJh6MDsdQ0 agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 2
debug3: Received SSH2_MSG_IGNORE
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /Volumes/Users/jhreinhardt/.ssh/id_dsa
debug3: no such identity: /Volumes/Users/jhreinhardt/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /Volumes/Users/jhreinhardt/.ssh/id_ecdsa
debug3: no such identity: /Volumes/Users/jhreinhardt/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /Volumes/Users/jhreinhardt/.ssh/id_ecdsa_sk
debug3: no such identity: /Volumes/Users/jhreinhardt/.ssh/id_ecdsa_sk: No such file or directory
debug1: Offering public key: /Volumes/Users/jhreinhardt/.ssh/id_ed25519 ED25519 SHA256:0adBmFKAT+fVMALa/Q26r0Q247eswxd968I509JMUAY
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 2
debug3: Received SSH2_MSG_IGNORE
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /Volumes/Users/jhreinhardt/.ssh/id_ed25519_sk debug3: no such identity: /Volumes/Users/jhreinhardt/.ssh/id_ed25519_sk: No such file or directory
debug1: Trying private key: /Volumes/Users/jhreinhardt/.ssh/id_xmss
debug3: no such identity: /Volumes/Users/jhreinhardt/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
reinhardt@eisner.decus.org's password:



On 9/5/2024 10:45 AM, Stephen Hoffman wrote:

On 2024-08-30 18:57:12 +0000, Hunter Goatley said:

AFAIK, EISNER has been available this entire time (once you use the correct port). Is anyone (still) having problems connecting?

macOS 13.6.9; Ventura current.

% # default ssh attempt, on the variant port
% ssh -p 22867 -vvv myremoteuser@eisner.decus.org
OpenSSH_9.0p1, LibreSSL 3.3.6
debug1: Reading configuration data /Users/mylocaluser/.ssh/config
debug1: /Users/hoffman/.ssh/config line 20: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/Users/mylocaluser/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/Users/mylocaluser/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling debug1: Connecting to eisner.decus.org port 22867.
ssh: connect to host eisner.decus.org port 22867: Connection refused
%
% # ssh with the backward-compatibility options selected:
%  ssh -p 22867 -vvv -o HostKeyAlgorithms=ssh-rsa,ssh-dss -o KexAlgorithms=diffie-hellman-group1-sha1 -o Ciphers=aes128-cbc,3des-cbc -o MACs=hmac-md5,hmac-sha1 myremoteuser@eisner.decus.org
OpenSSH_9.0p1, LibreSSL 3.3.6
... [same sequence]
%
% # default connection, but with no certificates used
% ssh -o PubkeyAuthentication=no -o PreferredAuthentications=password -p 22867 myremoteuser@eisner.decus.org
ssh: connect to host eisner.decus.org port 22867: Connection refused
%
% # and this included because "it's always DNS":
% dig +short eisner.decus.org
192.42.95.250
% dig +short @8.8.8.8 eisner.decus.org
192.42.95.250
% dig +short -x 192.42.95.250
eisner.decus.org.
% dig +short @8.8.8.8 -x 192.42.95.250
eisner.decus.org.
%
% # That all seems to be a consistently-referenced IPv4 A record.
%
% # Seems the other decuserve DNS is still tangled with HP/HPE, which is why I've been using the eisner.decus.org name:
% dig +short @8.8.8.8 decuserve.org
15.197.225.128
3.33.251.168
%

I'd initially suspect something has been upgraded within the local macOS 13.6.9 OpenSSH ssh client, and it's again become incompatible with OpenVMS ssh. Still digging.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-09-05 16:49:00 +0000, John H. Reinhardt said:

I don't know if this helps any. I make a successful connection. I
have an older version of Open SSH 8.6p1 vs 9.0p1

For some of my older OpenVMS systems I do have to specify specific algorithms.

Host asimov
HostName asimov.xxxxxxxx.xxx
KexAlgorithms +diffie-hellman-group1-sha1
HostKeyAlgorithms +ssh-dss
Ciphers aes128-cbc

But nothing special for eisner

Host eisner
HostName eisner.decus.org
Port 22867
User reinhardt

Yeah; my ~/.ssh/config was a little more complex than yours. The ssh
connection was still refused after temporarily nerfing all that.


Tried the usual fallback and some extensions to contend with ssh-dss deprecation in recent versions (with the ssh commands listed in my
earlier reply), as well.


Tried forcing password only access, and that via the registration user:

% ssh -o PubkeyAuthentication=no -o PreferredAuthentications=password
-p 22867 registration@eisner.decus.org
ssh: connect to host eisner.decus.org port 22867: Connection refused
%


Comcast routing looks funky, but then Comcast routing often looks funky:

% traceroute eisner.decus.org
traceroute to eisner.decus.org (192.42.95.250), 64 hops max, 52 byte packets [expurgated]
4 burl-lnk-70-109-168-28.ngn.east.myfairpoint.net (70.109.168.28)
10.272 ms 10.027 ms 10.388 ms
5 et-0-3-0.mpr1.yul1.ca.zip.zayo.com (64.124.142.45) 12.110 ms
12.093 ms 12.184 ms
6 * * *
7 * * *
8 be-202-pe11.111eighthave.ny.ibone.comcast.net (50.242.151.213)
24.940 ms 24.781 ms 30.398 ms
9 be-3311-cs03.newyork.ny.ibone.comcast.net (96.110.34.25) 29.100 ms
be-3111-cs01.newyork.ny.ibone.comcast.net (96.110.34.17) 25.225 ms
24.952 ms
10 be-32011-ar01.needham.ma.boston.comcast.net (96.110.42.2) 31.394
ms 26.703 ms
be-32041-ar01.needham.ma.boston.comcast.net (96.110.42.14) 158.537 ms
11 be-1-sur02.framingham.ma.boston.comcast.net (96.108.69.50) 26.929
ms 26.606 ms 31.571 ms
12 eisner.decus.org (192.42.95.250) 31.720 ms 31.621 ms 26.567 ms
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
^C
%


Nmap is happy:

% nmap -F eisner.decus.org
Starting Nmap 7.92 ( https://nmap.org ) at 2024-09-05 14:20 EDT
Nmap scan report for eisner.decus.org (192.42.95.250)
Host is up (0.030s latency).
Not shown: 93 filtered tcp ports (no-response)
PORT STATE SERVICE
21/tcp closed ftp
25/tcp closed smtp
53/tcp closed domain
80/tcp closed http
443/tcp closed https
587/tcp closed submission
993/tcp closed imaps

Nmap done: 1 IP address (1 host up) scanned in 5.08 seconds
%


On the off chance it's something within the macOS DNS or mDNS local
universe, the following was checked and was found working:

% dscacheutil -q host -a name eisner.decus.org
name: eisner.decus.org
ip_address: 192.42.95.250

%
% dns-sd -G v4v6 eisner.decus.org
DATE: ---Thu 05 Sep 2024---
14:36:43.045 ...STARTING...
Timestamp A/R Flags IF Hostname
Address TTL
14:36:43.046 Add 40000003 0 eisner.decus.org.
0000:0000:0000:0000:0000:0000:0000:0000%<0> 752 No Such Record 14:36:43.046 Add 40000002 0 eisner.decus.org.
192.42.95.250 2252
%


As for another symptom: Safari can't connect to the server https://eisner.decus.org. That's Safari on macOS 13.6.9, with Safari
Version 17.6 (18618.3.11.11.7, 18618).


Firewall? Something doing DPI? Virtual network in the hypervisor?




--
Pure Personal Opinion | HoffmanLabs LLC

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 6/9/2024 04:14, Stephen Hoffman wrote:

On 2024-09-05 16:49:00 +0000, John H. Reinhardt said:

I don't know if this helps any.  I make a successful connection.  I
have an older version of Open SSH 8.6p1 vs 9.0p1

For some of my older OpenVMS systems I do have to specify specific
algorithms.

Host    asimov
     HostName            asimov.xxxxxxxx.xxx
     KexAlgorithms       +diffie-hellman-group1-sha1
     HostKeyAlgorithms   +ssh-dss
     Ciphers             aes128-cbc

But nothing special for eisner

Host    eisner
     HostName            eisner.decus.org
     Port                22867
     User                reinhardt

Yeah; my ~/.ssh/config was a little more complex than yours. The ssh connection was still refused after temporarily nerfing all that.

Obviously haven't done this before from my x86-64 VMS hosting system

Processor Intel(R) Core(TM) i7-9700 CPU @ 3.00GHz 3.00 GHz
Installed RAM 32.0 GB (31.8 GB usable)
System type 64-bit operating system, x64-based processor

Edition Windows 11 Pro
Version 23H2
Installed on ‎26/‎01/‎2024

but here goes...

C:\Users\********>ssh -p 22867 -l ******** eisner.decus.org
The authenticity of host '[eisner.decus.org]:22867
([192.42.95.250]:22867)' can't be established.
ECDSA key fingerprint is SHA256:JoHpRctiSnlBJVPRnkRBoys7CcdyNa8zRL2g+A21ePw. This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '[eisner.decus.org]:22867' (ECDSA) to the
list of known hosts.

N O T I C E

8< snip 8<
********@eisner.decus.org's password:

Last interactive login on Wednesday, 4-SEP-2024 13:04:36.14
Last non-interactive login on Thursday, 5-SEP-2024 15:00:36.12

EISNER$ show time
5-SEP-2024 15:02:08
EISNER$ show system
OpenVMS V8.4-2L2 on node EISNER 5-SEP-2024 15:03:42.11 Uptime 1
04:07:19
8< snip 8<

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-08-30, Single Stage to Orbit <alex.buell@munted.eu> wrote:

On Thu, 2024-08-29 at 19:01 -0400, Robert A. Brooks wrote:

Hunter Goatley likely needs to reboot the system; Process Software is
now hosting EISNER.

BLASPHEMY!

Isn't it enough to restart SSHD?

No. VMS (in the form of Eisner) has proven very poor at resisting
internet probing and attacks. Attackers are routinely able to
cause all non-paged memory to be consumed, hence forcing a system
reboot (or maybe even a forced crash and reboot when even the
console has stopped responding).

I don't know if it's the TCP/IP stack in use, or the applications
running on top of that stack, or something else, but a VMS system
with full exposure to the wider internet does not appear to be a
robust system.

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 8/29/2024 8:50 PM, bill wrote:

On 8/29/2024 7:01 PM, Robert A. Brooks wrote:

On 8/29/2024 6:42 PM, Duncan Brown wrote:

I'm getting my encompasserve renewal notices. I'm getting my
PreciseMail emails. But I can't ssh to encompasserve.org,
www.encompasserve.org doesn't respond. Has it just been too long and
I'm forgetting how this works?! (I tried eisner.decus.org and
various other combinations too, with no better luck.)

SSH goes sideways sometimes.

Hunter Goatley likely needs to reboot the system; Process Software is now
hosting EISNER.

Reboot VMS????

bill

Perhaps just re-boot SSH ?

--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: davef@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 8/30/2024 12:48 PM, bill wrote:

On 8/30/2024 11:05 AM, Dave Froble wrote:

On 8/29/2024 8:50 PM, bill wrote:

On 8/29/2024 7:01 PM, Robert A. Brooks wrote:

Hunter Goatley likely needs to reboot the system; Process Software
is now
hosting EISNER.

Reboot VMS????

Perhaps just re-boot SSH ?

So which is the OS?  VMS or SSH?  Can't "re-boot" an application.

Re-start the application.

Arne

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 8/30/2024 8:12 AM, Simon Clubley wrote:

I don't know if it's the TCP/IP stack in use, or the applications
running on top of that stack, or something else, but a VMS system
with full exposure to the wider internet does not appear to be a
robust system.

It's the design of the filter server in MultiNet. It was clearly never
designed to handle cases of extreme, prolonged attacks on a system. Not
too surprising; when that was written, such attacks were extremely rare.
Now they're not.

I'm working to address that design flaw in the filter server. It
currently uses lots and lots of TQEs to manage filter entries and
timeouts, which has proven to be problematic for these sustained attacks.

In the meantime, I just stopped trying to filter the bad IPs, and the
system has been running fine for weeks now. (I did reboot it 11 days
ago, but that was to reboot the underlying host system.)

(I don't check comp.os.vms every day, and the INFO-VAX feed to EISNER is
broken right now somewhere along the path, so I didn't see these until now.)

Hunter

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

AFAIK, EISNER has been available this entire time (once you use the
correct port). Is anyone (still) having problems connecting?

Hunter

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 2024-08-30 at 15:02 -0400, Hunter Goatley wrote:

In the meantime, I just stopped trying to filter the bad IPs, and the
system has been running fine for weeks now. (I did reboot it 11 days
ago, but that was to reboot the underlying host system.)

I'm reassured to know this. So there's been no unwanted intrusion
events then?
--
Tactical Nuclear Kittens

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 8/30/2024 3:30 PM, bill wrote:

On 8/30/2024 1:05 PM, Arne Vajhøj wrote:

On 8/30/2024 12:48 PM, bill wrote:

On 8/30/2024 11:05 AM, Dave Froble wrote:

On 8/29/2024 8:50 PM, bill wrote:

On 8/29/2024 7:01 PM, Robert A. Brooks wrote:

Hunter Goatley likely needs to reboot the system; Process Software >>>>>> is now
hosting EISNER.

Reboot VMS????

Perhaps just re-boot SSH ?

So which is the OS?  VMS or SSH?  Can't "re-boot" an application.

Re-start the application.

1: That's not what Dave said.

But probably what he meant.

:-)

Arne

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 05/09/2024 19:49, John H. Reinhardt wrote:

I don't know if this helps any.  I make a successful connection.  I have an older version of Open SSH 8.6p1 vs 9.0p1

For some of my older OpenVMS systems I do have to specify specific algorithms.

At 14:50 GMT 6-Sep-2024

<quote>
~$ ssh -p 22867 XXXXXXX@eisner.decus.org

N O T I C E

This is DECUServe. Access is for subscribed individuals only.

o By logging into the system you agree to abide by the DECUServe
Canons of Conduct.

o Source code or any other information posted on this system is not
warranted in any way. YOU USE IT AT YOUR OWN RISK.

o If you submit source code to or post information on this system, you
must allow its unrestricted use. You must have the right to grant
such permission.

o Refer to the DECUServe Canons of Conduct, posted in the
DECUServe_Information conference topic 4.3, for further guidance.

o Report problems in DECUServe_Forum.

o DECUServe is running VSI OpenVMS on vtAlpha, hosted by Process Software

For information about DECUServe please login under -> Username INFORMATION
To subscribe to DECUServe please login under -> Username REGISTRATION
To report any form of a problem please login under -> Username PROBLEMS
To renew an Expired account please login under -> Username REGISTRATION

XXXXXXX@eisner.decus.org's password:

Last interactive login on Friday, 6-SEP-2024 10:46:50.89
Last non-interactive login on Saturday, 26-AUG-2023 00:17:29.46


%DCL-S-SPAWNED, process XXXXXXX_5976 spawned
User [XXXXXXX] has 5827 blocks used, 4173 available,
of 10000 authorized and permitted overdraft of 0 blocks on DISK_USER
$
Subprocess XXXXXXX_5976 has completed
$
</quote>

--
-- No Micro$oft products were used in the URLs above, or in preparing this message. Recommended reading:
http://www.catb.org/~esr/faqs/smart-questions.html#befor

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)