3:31 PM, Aug 15, 2007
Customers are Idiots
One of the ten zillion things we do here at my "new" job is facilitate the transfer of text files filled with important financial information to and from our many customers. The default method we use to send them over the internet is FTP, with the files being encrypted on one end and decrypted on the other, using
GPG, and wrapped in a homegrown piece of software we use, called the NDM/FTP Gateway. This, as you might imagine, allows for lots and lots of problems, and we spend lots and lots of time chasing these problems down, and sitting on worthless hand-holding conference calls with idiots from Boston, Los Angeles, Chicago, Canada, and New York.
To alleviate some of this trouble, many of our customers are switching over to
SFTP, which allows secure file transfers without the hassle of individual file encryption. If you're not technical, that doesn't really matter, but the point is that we are working with our customers to implement this new kind of file transfer. I was dealing with one of these customers earlier today. It went something like this:
From: John
The public key authentication works on the command line, but using the gateway software that's been written here at DST, connecting to a nonstandard SSH server(like yours) throws errors about improper public keys and signatures. With that in mind, I'd like to at least try password authentication. What is the password for the user?
A couple hours later, the Idiot responded.
From: Idiot
It is standard IETF (Internet Engineering Task Forces) SSH version 2.
A bit taken aback by this, I wrote:
From: John
Great. Do you have the password?
This seemed to incite him. I had apparently hit a sensitive spot for him by referring to his SSH server as "nonstandard."
From: Idiot
I don't have the password and it's a one way encryption so I can't display it.
By the way, HP wrote this "non-standard IETF SSH" and it's implemented thousands of OpenVMS systems.
Not wishing to argue with a man that has to deal with an
operating system from the 1970s that runs on the
worst hardware of today, I closed the discussion with the following.
From: John
I didn't mean to touch a nerve. It's just that most people avoid the commercial and proprietary versions of SSH for reasons like this, and use the freely-available OpenSSH. Varying from that can cause problems like what we're experiencing. A workaround for dealing with non-OpenSSH servers that seems to work is to deal with password authentication instead of the preferred public key authentication. That's all I was saying. I wasn't trying to insult your VMS server.
What a boob. Sorry to all the folks that have no idea why this is funny. I'll get an entry in English posted soon enough.
Brian wants you to know:
Not to be pedantic or anything, but the F in IETF is definitely not plural. Also, I'm pretty sure the IETF doesn't publish any software; they just oversee several technical processes, including the process of developing RFCs, such as those that define SSH. So there is no "IETF SSH." HP's version is probably not all that cutting edge anymore.
So yeah, sounds like a boob.
5:14 PM, Aug 15, 2007