HP-UX Secure Shell A.04.50.003, A.04.50.004, and A.04.50.005 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software

HP-UX Secure Shell A.04.50.003,

A.04.50.004, and A.04.50.005 Release

Notes

HP-UX 11i v1, 11i v2, and 11i v3

HP Part Number: T1471-90029

Published: May 2007

Summary of content (13 pages)

PAGE 1
HP-UX Secure Shell A.04.50.003, A.04.50.004, and A.04.50.
PAGE 2
© Copyright 2006 Hewlett-Packard Development Company, L.P Legal Notices Copyright 2007 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license.
PAGE 3
Table of Contents 1 HP-UX Secure Shell A.04.50.003, A.04.50.004, and A.04.50.005 ....................7 Announcement.......................................................................................................................................7 Secure Shell Versions on HP-UX............................................................................................................7 New Features............................................................................................................
PAGE 4
PAGE 5
List of Tables 1-1 1-2 1-3 1-4 1-5 Availability of Secure Shell Versions on HP-UX ............................................................................7 Scenarios where pam_setcred Generates Error Messages..............................................................9 System Requirements for Installing HP-UX Secure Shell A.04.50.003, A.04.50.004, and A.04.50.005.....................................................................................................................................
PAGE 6
PAGE 7
1 HP-UX Secure Shell A.04.50.003, A.04.50.004, and A.04.50.005 This document discusses the most recent product information for HP-UX Secure Shell Versions A.04.50.003, A.04.50.004, and A.04.50.005 that are supported on HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3. This document addresses the following topics: • • • • • • • • • • • • “Secure Shell Versions on HP-UX” (page 7) “New Features” (page 7) “Defects Fixed in OpenSSH4.5p1” (page 7) “Defects Fixed in HP-UX Secure Shell A.04.50.003, A.04.50.004, and A.
PAGE 8
• • Fixed a bug in the sshd privilege separation monitor that weakened its verification of successful authentication. Fixed a bug where ssh connections to a Solaris machine were dropped if a process started in the 1st ssh session was terminated in the 2nd session. Instead of terminating only the process, the first session was also terminated. For more information on these defect fixes, see the Bugzilla Website at: http://bugzilla.mindrot.org. Defects Fixed in HP-UX Secure Shell A.04.50.003, A.04.50.
PAGE 9
pam_setcred: error Authentication failed pam_setcred: error Permission denied These error message appear only when the daemon is running in debug mode. These error message are not relevant to (and does not affect) HP-UX Secure Shell operations. The PAM function pam_setcred generates this message.
PAGE 10
from http://software.hp.com. If you are using HP-UX Secure Shell on HP-UX 11i v1, HP recommends that you install the Strong Random Number Generator product as it significantly speeds up program initialization and execution time for some commands. HP-UX Secure Shell Resources For more information about Secure Shell, read the following: • • • • HTML and pdf versions at http://docs.hp.com ( Internet and Security Solutions) A README text version in the software at: /opt/ssh/README.
PAGE 11
The HP-UX 11i v1 (B.11.11) Support Plus release media contains the standard HP-UX patch bundles, which are also available on the HP IT Resource Center Web site. The HP-UX 11i v1 (B.11.11) Support Plus release media for December 2002 also contains the required patches. If you do not have access to the media, complete the following steps: 1. 2. 3. 4. 5. Go to the IT Resource Center (ITRC): http: //www.itrc.hp.com Choose the appropriate site: Americas/Asia-Pacific or European.
PAGE 12
1. 2. 3. 4. 5. 6. 7. 8. Log in as superuser. Insert the software CD into the appropriate drive if installing from the Application Release CD. If installing from http://software.hp.com, download the depot and use the swinstall directions provided on the Installation page where you downloaded the software. Run $ swinstall -s at the command prompt. In the Source Depot Path field, enter the drive mount point and click OK. Change theSource Host Name, if needed.
PAGE 13
library consisting of tcp_wrapper version 7.6-ipv6.4, is linked to HP-UX Secure Shell. You only need to configure hosts.allow and hosts.deny to use the access control provided by tcp_wrapper. Is HP-UX Secure Shell vulnerable to the reported double free bug in the zlib compression algorithm documented at http://www.cert.org/advisories/CA-2002-07.html? All versions of HP-UX Secure Shell starting from A.03.10 are built with support for zlib-1.1.4 or later.