SSH for OpenVMS Data Sheet

 

SSH for OpenVMS Data Sheet (PDF)

Download a PDF version of this document

 

SSH server and client provide secure encrypted communications over the Internet.

 

Secure Shell (SSH) Protection

SSH for OpenVMS server and client software provides secure communications for system administrators using TCP/IP Services on Alpha and Integrity systems. It protects against a wide variety of potential security breaches such as spoofing, eavesdropping or hijacking a session, and man-in-the-middle attacks. System administrators can trust that user files, e-mails, and data reach their destination securely.

SSH is the de facto standard for Internet security. SSH v2 is the basis for the Internet Engineering Task Force (IETF) SECSH standard. Many large enterprises and government organizations have used Process Software’s SSH software worldwide on both MultiNet and TCPware TCP/IP stacks for OpenVMS for many years. The SSH2 server and client are FIPS 140-2 Level 2 compliant.

 

Authentication and Encryption

SSH is a protocol that provides strong authentication and secure encrypted communications over unsecured channels. The more secure asymmetric cipher called Diffie-Hellman can be used for host authentication. Diffie-Hellman provides additional security by eliminating the need for exchanging private keys over the wire. It allows users the advantage of continually authenticating throughout the entire session. SSH for OpenVMS also supports a wide variety of strong encryption algorithms including IDEA, DES, 3DES, ARCFOUR, Blowfish, Twofish, AES-128, and CAST-128.

Managing SSH authentication is simplified with single sign-on support. SSH for OpenVMS works with existing PKI certificates and Kerberos infrastructure. A public-key server and assistant have been added to make it easier to manage keys for SSH public key authentication. The public-key subsystem and assistant can be used to add, remove, and list public keys stored on a remote server.

 

Secure Application Tunneling

SSH for OpenVMS not only encrypts console sessions, but many other applications with port forwarding. Any application can be encrypted that has a known port number. This includes e-mail, database connections, X-Windows, remote printing, and more. System administrators can choose which applications to encrypt based on their corporate security requirements, avoiding unnecessary network overhead. Also, data compression improves performance of slow network connections.

 

Secure Data Transfers

SSH for OpenVMS increases security with SFTP and SCP support. Both protocols allow SSH users to perform secure file transfers across an unsecured network. It provides system administrators with the ability to add, move, copy and delete files securely. SFTP and SCP utilize the SSH server and client as a basis for accomplishing this advanced level of security.

Both SFTP and SCP can be used to securely transfer files in ASCII, BINARY, or OpenVMS format when implementing SSH file transfer protocol v3 and v4. Support for this protocol improves file transfer interoperability between different operating systems.

 

Interoperability

The SSH for OpenVMS server and client are flexible, supporting a wide variety of third-party SSH servers and clients on the market today. This includes servers and clients on UNIX, Macintosh, Linux, and Windows platforms.

 

 

Key Features

  • De facto standard for secure communications over the Internet
  • Multi-protocol support for SSH v1 and v2
  • Provides secure file transfer with Secure Copy Protocol (SCP) and Secure File Transfer Protocol (SFTP) servers and clients
  • Secures numerous applications with port forwarding
  • Provides many authentication and encryption options
  • Easy to manage using single sign-on
  • Operates with most third-party SSH servers and clients
  • Saves time and bandwidth with data compression support
  • Protects investment with support for legacy versions of OpenVMS

 

Requirements

OpenVMS VAX 5.5-2 or higher
OpenVMS Alpha 6.2 or higher
OpenVMS Integrity 8.2 or higher

Runs on any version of TCP/IP Services supported by HPE or VSI

 

Free Evaluation Software