HP-UX Secure Shell A.05.30.008 and A.05.30.
Legal Notices Copyright 2010 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Table of Contents 1 HP-UX Secure Shell A.05.30.........................................................................................5 Announcement.......................................................................................................................................5 Secure Shell Versions on HP-UX............................................................................................................5 Support Notice........................................................................
List of Tables 1-1 1-2 1-3 1-4 1-5 1-6 4 Availability of Secure Shell Versions on HP-UX ............................................................................5 Defects Fixed in OpenSSH5.3p1......................................................................................................6 Scenarios where pam_setcred Generates Error Messages..........................................................7 System Requirements for Installing HP-UX Secure Shell A.05.30......................................
1 HP-UX Secure Shell A.05.30 This document discusses the most recent product information for HP-UX Secure Shell versions A.05.30.008 and A.05.30.009 that are supported on HP-UX 11i v2 and HP-UX 11i v3 respectively. This document addresses the following topics: • • • • • • • • • • • • “Secure Shell Versions on HP-UX” (page 5) “New Features” (page 5) “Defects Fixed in OpenSSH5.3p1” (page 6) “Defects Fixed in HP-UX Secure Shell A.05.
• #SftpUmask • #SftpPermitChmod yes • #SftpPermitChown yes This patch supersedes the sftplogging patch for HP-UX Secure Shell versions A.04.50 and higher. Defects Fixed in OpenSSH5.3p1 The HP-UX Secure Shell version A.05.30 is based on OpenSSH5.3p1 and include the defect fixes mentioned in Table 1-2. Table 1-2 Defects Fixed in OpenSSH5.
RSA and DSA keys results in a bad login attempt for each key type. In such a scenario, the audit log has the following entries: SELF-AUDITING TEXT: User= root uid=0 ssh authentication method PUBKEY - failed SELF-AUDITING TEXT: User= root uid=0 ssh authentication success - user logged in SELF-AUDITING TEXT: User= root uid=0 ssh session open For more information on HP-UX SMSE, see http://www.docs.hp.com/en/ internet.
The syslogd daemon reads the syslog messages written by all subsystems and reports it to the /dev/log file. In a chroot-ed environment, the sshd daemon writes its syslog messages to /dev/log. It is not possible to link the /dev/log file to the /dev/log file, resulting in users not being able to view the subset of syslog messages. Workaround: There is no workaround for this problem.
Table 1-5 Support Plus Patches for HP-UX Secure Shell on HP-UX Operating Systems Operating System Recommended Support Plus Patch HP-UX 11i v2 No Support Plus patch required HP-UX 11i v3 No Support Plus patch required The standard HP-UX patch bundles index page lists the release dates for the current patch bundles. Selecting a specific release date provides you with a list of all the patch bundles released on that particular date. NOTE: The standard HP-UX patch bundles are cumulative.
4. 5. 6. 7. 8. In the Source Depot Path field, enter the drive mount point and click OK. Change theSource Host Name, if needed. Select T1471AA (for HP-UX 11i v2) or SecureShell (for HP-UX 11i v3) from the list of available software, and click Mark for Install on the Actions menu. Click Install on the Actions menu. Click OK in the Install Analysis window when the Status field displays a Ready message. Click Yes.
All versions of HP-UX Secure Shell starting from A.03.10 are built with support for zlib-1.1.4 or later. So, HP-UX Secure Shell is not affected by the bug described above. HP-UX Secure Shell versions A.05.00.021, A.05.00.022, and A.05.00.023 are built with zlib v1.2.3. 5 Is HP-UX Secure Shell vulnerable to the following CERTs: http://cve.mitre.org/cgi-bin/ cvename.cgi?name=CAN-2003-0147 http://cve.mitre.org/cgi-bin/ cvename.cgi?name=CAN-2003-0131? This version of HP-UX Secure Shell is built with OpenSSL-0.
