HP-UX Secure Shell A.04.70.021, A.04.70.022, and A.04.70.023 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software

HP-UX Secure Shell A.04.70.021,

A.04.70.022, and A.04.70.023 Release

Notes

HP-UX 11i v1, 11i v2, and 11i v3

HP Part Number: T1471-90032

Published: March 2008

Summary of content (14 pages)

PAGE 1
HP-UX Secure Shell A.04.70.021, A.04.70.022, and A.04.70.
PAGE 2
Legal Notices Copyright 2008 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
PAGE 3
Table of Contents 1 HP-UX Secure Shell A.04.70.021, A.04.70.022, and A.04.70.023........................7 Announcement.......................................................................................................................................7 Secure Shell Versions on HP-UX............................................................................................................7 Support Notice.......................................................................................................
PAGE 4
PAGE 5
List of Tables 1-1 1-2 1-3 1-4 1-5 1-6 Availability of Secure Shell Versions on HP-UX ............................................................................7 Defects Fixed in OpenSSH4.7p1......................................................................................................8 Scenarios where pam_setcred Generates Error Messages.........................................................10 System Requirements for Installing HP-UX Secure Shell A.04.70.021, A.04.70.022, and A.04.70.023.......
PAGE 6
PAGE 7
1 HP-UX Secure Shell A.04.70.021, A.04.70.022, and A.04.70.023 This document discusses the most recent product information for HP-UX Secure Shell Versions A.04.70.021, A.04.70.022, and A.04.70.023 that are supported on HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3. This document addresses the following topics: • • • • • • • • • • • • “Secure Shell Versions on HP-UX” (page 7) “New Features” (page 7) “Defects Fixed in OpenSSH4.7p1” (page 8) “Defect Fixed in HP-UX Secure Shell A.04.70.021, A.04.70.022, and A.
PAGE 8
• • • • • • • The sshd daemon defaults to SSH Protocol 2 in new installations. There are no changes to existing installations. The SSH channel window size has been increased, and both the ssh command and the sshd daemon now send window updates more aggressively, thereby improving performance on high-BDP (Bandwidth Delay Product) networks. The ssh command and the sshd daemon now preserve MAC contexts between packets.
PAGE 9
Table 1-2 Defects Fixed in OpenSSH4.7p1 (continued) Defect Identifier Defect Fix Bugzilla #1262 Improved exit message from ControlMaster clients to provide the following error message: Shared connection to closed. Bugzilla #1286 Fixed sftp-server to prevent it from reading TCP packets when the buffer space is full. For more information on these defect fixes, see the Bugzilla Website at: http://bugzilla.mindrot.org. Defect Fixed in HP-UX Secure Shell A.04.70.021, A.04.70.022, and A.04.70.
PAGE 10
• HP-UX Secure Shell user authentication using public-key fails in a server environment if UsePAM is set to YES and pam.conf is set to PAM_LDAP. Workaround: HP recommends the PAM_AUTHZ mechanism for HP-UX Secure Shell environments that use public-key authentication with PAM_LDAP-based account management. • On some systems, the following messages appears in the syslog.
PAGE 11
HP-UX Secure Shell and the Strong Random Number Generator HP-UX Secure Shell requires that a random number generator be located on the system. It searches for /dev/urandom and /dev/random (in that sequence) on the system and uses the first device it finds. If it fails to locate these two devices, HP-UX Secure Shell uses its own internal random number generator program. The /dev/urandom and /dev/random devices are available by default on HP-UX 11i v2 and HP-UX 11i v3 systems.
PAGE 12
Table 1-5 Support Plus Patches for HP-UX Secure Shell on HP-UX Operating Systems Operating System Recommended Support Plus Patch HP-UX 11i v1 December 2002 Support Plus release / media HP-UX 11i v2 No Support Plus patch required HP-UX 11i v3 No Support Plus patch required The HP-UX 11i v1 (B.11.11) Support Plus release media contains the standard HP-UX patch bundles, which are also available on the HP IT Resource Center Web site. The HP-UX 11i v1 (B.11.
PAGE 13
NOTE: HP-UX Secure Shell is available on the HP-UX Application Release CD, HP-UX 11i v1 OE, HP-UX 11i v2 OE, and HP-UX 11i v3 OE whenever the CD and OEs are available. Installing HP-UX Secure Shell You do not need to remove any previous versions of HP-UX Secure Shell before upgrading to HP-UX Secure Shell A.04.70.021, A.04.70.022, or A.04.70.023. However, if you are reverting to an older version of HP-UX Secure Shell, HP recommends that you remove the new product before reverting to the older version.
PAGE 14
HP-UX Secure Shell is a binary package compiled with support for PAM, gssapi, krb5, libwrap, and no support for Smartcard. HP-UX Secure Shell is built to install and un-install using the SD-UX utility and includes all required pre-requisites. 2 How do I find out the version of HP-UX Secure Shell I am using? How do I find out whether I am running HP-UX Secure Shell or the public domain version of OpenSSH? Use the swlist command to display the name and version number of HP-UX Secure Shell.