Exploring OpenVMS from “unsecure” NFS mount on linux

Now this is something that no admin would do with his/hers OpenVMS system, but since I run this in my lab and I like to experiment, I wanted to share my findings. Getting around filesystem on the OpenVMS is a little clumsy, so I wanted to try to export the whole dka0: disk (system) over NFS and mount in from Linux and explore it from there ( find, grep, strings, hexedit … you name it)

Prerequisites of this experiment are that you already have a running OpenVMS 8.4-2 system on your alphavm_free simulation as described here:



Do some time traveling if your TCPIP license expired ;)

So lets enable NFS server on the OpenVMS ; login as system and exec

$ @tcpip$config 

Choose 3 – Server components

Now select to setup NFS first (make sure you start the service once enabled – this is how it should look like once setup) Exit from NFS Configuration [E] and setup PORTMAPPER 15

Once Enabled we are good; we jump out via [E] from the menu and get back to the shell, once there execute the following to get info about the disk to share via NFS

$ sh dev dk
Device Device Error Volume Free Trans Mnt
 Name Status Count Label Blocks Count Cnt
ALPHA1$DKA0: Mounted 0 ALPHASYS 8272640 356 1
ALPHA1$DKA200: Online 0
ALPHA1$DKA400: Online wrtlck 0

We want to share the DKA0:  with ID as ALPHASYS   via NFS

jump to the TCPIP subsystem   (Please note this is VERY UNSECURE :) ) is the IP address of the br0 interface on our Linux host  (uid=0 and gid=0 are for the Linux root user to be able to mount the NFS;  system is the OpenVMS account that has all the rights ….

$ tcpip 
TCPIP> set host panasonic /address=    (choose some other hostname)
TCPIP> map "/ALPHASYS" dka0: 
TCPIP> add export "/ALPHASYS" /host=
TCPIP> add proxy system /uid=0 /gid=0 /host=

So now we should be able to query the simulated OpenVMS from our Linux host

panasonic mnt # showmount -e
Export list for
panasonic mnt #

And finally mount it

mount -o nolock /mnt/nfs

Next we “explore”






About astr0baby

Please run Adblock or similar... we have been told to do so since Carl Sagan wrote the Contact .
This entry was posted in Uncategorized. Bookmark the permalink.

7 Responses to Exploring OpenVMS from “unsecure” NFS mount on linux

  1. Pingback: 【知识】10月11日 – 每日安全知识热点 – 安百科技

  2. Pingback: 【知识】10月11日 – 每日安全知识热点-安全路透社

  3. asteenmis says:

    Thank you for this very useful tutorial !
    However it doesn’t fully work for me, the showmount command is OK and returns the export list, but when I tried to mount on my linux client, I have the following message :

    mis00167@DTL05:/mnt$ showmount -e
    Export list for

    mis00167@DTL05:/mnt$ sudo mount -o nolock,vers=2 /mnt/ERIC_test_DSA55/
    mount.nfs: access denied by server while mounting

    Do you have an idea of what I missed here ?

    • astr0baby says:

      Depends on the version of OpenVMS NFS and your client – seems you are setting vers=2 – check if you have proper setup on your Linux side – can you mount other NFS shares ? (non VMS)
      This should be trivial to troubleshoot – also make sure you have the hostnames resolvable ..

      • asteenmis says:

        I am setting vers=2 because no other version seems to work with this nfs server. I do have other nfs shares but with more recent servers. If you don’t have any other idea don’t worry I was asking just in case :)

      • asteenmis says:

        I found the solution to my problem. I use an old version of OpenVMS (6.2) so things were a little different. I had to use the hostname instead of the IP address in the “add export” command and the “add proxy” command. Now everything works fine.
        Thanks again for your help

      • astr0baby says:

        Glad you got it working :)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.