Manualshelf

HP-UX Secure Shell A.05.00.012, A.05.00.013, and A.05.00.014 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
6789101112131415
OpenSSH 5.0p1 is a free version of the SSH protocol suite of network connectivity
tools that increasing numbers of people on the Internet are coming to rely on.
OpenSSH supports SSH protocol versions 1.3, 1.5, and 2.0.
HP-UX Secure Shell is a binary package compiled with support for PAM, gssapi,
krb5, libwrap, and no support for Smartcard. HP-UX Secure Shell is built to install
and un-install using the SD-UX utility and includes all required pre-requisites.
2 How do I find out the version of HP-UX Secure Shell I am using? How do I find out
whether I am running HP-UX Secure Shell or the public domain version of OpenSSH?
Use the swlist command to display the name and version number of HP-UX Secure
Shell. For example:
# swlist grep T1471AA
T1471AA A.05.00 HP-UX Secure Shell
You can also use the what command shown in the example below:
# what /usr/bin/scp
3
Is libwrap.a linked in HP-UX Secure Shell? Must I only configure hosts.allow
and hosts.deny to use the access control provided by tcp_wrapper?
Yes, thelibwrap.a archive library consisting of tcp_wrapper version
7.6-ipv6.4, is linked to HP-UX Secure Shell. You only need to configure
hosts.allow and hosts.deny to use the access control provided by
tcp_wrapper.
4
Is HP-UX Secure Shell vulnerable to the reported double free bug in the zlib
compression algorithm documented at
http://www.cert.org/advisories/CA-2002-07.html?
All versions of HP-UX Secure Shell starting from A.03.10 are built with support for
zlib-1.1.4 or later. So, HP-UX Secure Shell is not affected by the bug described
above.
HP-UX Secure Shell versions A.04.70.021, A.04.70.022, and A.04.70.023 are built with
zlib v1.2.3.
5 Is HP-UX Secure Shell vulnerable to the following CERTs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0131?
This version of HP-UX Secure Shell is built with OpenSSL-0.9.7m and is not affected
by these two CERTs. The vulnerabilities were fixed in OpenSSL-0.9.7d.
Frequently Asked Questions (FAQ) 15