HP-UX Secure Shell A.04.40.005, A.04.40.006 and A.04.40.007Release Notes
HP-UX Secure Shell A.04.40.005, A.04.40.006 and A.04.40.007
New Features in OpenSSH 4.4p1
Chapter11
New Features in OpenSSH 4.4p1
Following are the new features introduced in OpenSSH4.4p1. These
features are also available in HP-UX Secure Shell Versions A.04.40.005,
A.04.40.006 and A.04.40.007 because these versions are based on
OpenSSH4.4p1.
Conditional Configuration in sshd_config Using the
Match Directive
In earlier OpenSSH releases, the sshd daemon followed all the
configuration options irrespective of the specific criteria (based on user,
group, hostname or address).
Starting with OpenSSH 4.4p1, the Match configuration directive is
introduced to enable you to specify configuration options based on user,
group, hostname, or address. This option overrides the global option in
the sshd_config file.
Example 1 Usage of the match Configuration Directive
Match User xxxx
X11DisplayOffset 20
In this configuration, the criteria User is given as the argument for
Match. The X11DisplayOffset option is set below it. This directive
overrides the global section of the sshd_config file for User xxxx.
Support for Diffie-Hellman Group Exchange key
Agreement
Starting with OpenSSH4.4p1, OpenSSH supports
diffie-hellman-group-exchange-sha256key exchange method by using the
SHA256 code (and wrapper to make it into an OpenSSL EVP) in the
libc file. To implement the SHA256 support in OpenSSH, the platform
must support libcSHA256 or OpenSSLEVP_sha256 SHA256 KEX.
HP-UX Secure Shell does not currently support this enhancement.