HP-UX Secure Shell A.04.30.014 and A.04.30.015 Release Notes, Nov 2006
HP-UX Secure Shell A04.30.014 and A.04.30.015
Known Problems and Workarounds
Chapter17
Known Problems and Workarounds
Following are the known problems and workarounds in HP-UX Secure
Shell A.04.30.014 and A.04.30.015:
• The following SMSE behavior is seen in this version of HP-UX
Secure Shell:
Audit log messages show repeated entries for a user. This occurs
because bad login attempts are logged in the audit file. For example,
a user trying Public key authentication with bad RSA and DSA keys
results in a bad login attempt for each key type. In such a scenario,
the audit log has the following entries
SELF-AUDITING TEXT: User= root uid=0 ssh authentication method PUBKEY - failed
SELF-AUDITING TEXT: User= root uid=0 ssh authentication success - user logged in
SELF-AUDITING TEXT: User= root uid=0 ssh session open
For more information on HP-UX SMSE, see HP-UX 11i Security
Containment Administrator’s Guide: HP-UX Servers and
Workstations (5991-1821) on www.docs.hp.com
.
• HP-UX Secure Shell user authentication through the public-key will
fail in a server environment if UsePAM is set to YES and pam.conf is
set to PAM_LDAP.
Workaround: HP recommends the PAM_AUTHZ mechanism for HP-UX
Secure Shell environments that use public-key authentication with
PAM_LDAP-based account management.
• On some systems, the following messages appears in the syslog.log
file, when a user logs out of a Secure Shell session:
pam_setcred: error Authentication failed
pam_setcred: error Permission denied