Manualshelf

HP-UX Secure Shell A.05.30.008 and A.05.30.009 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
12345678910
4. In the Source Depot Path field, enter the drive mount point and click OK. Change
theSource Host Name, if needed.
5. Select T1471AA (for HP-UX 11i v2) or SecureShell (for HP-UX 11i v3) from the list of
available software, and click Mark for Install on the Actions menu.
6. Click Install on the Actions menu.
7. Click OK in the Install Analysis window when the Status field displays a Ready message.
8. Click Yes. The swinstall command loads the HP-UX Secure Shell files on the system in
approximately 3 to 5 minutes.
NOTE: The sshd daemon is pre-configured, and it is started after installation.
The swinstall command installs HP-UX Secure Shell in the /opt/ssh/ directory.
HP-UX Secure Shell and chroot Environments
HP-UX Secure Shell version A.05.30 supports chroot functionality for the ssh, sftp, and scp
commands. The chroot functionality is mainly used as an added security measure.
When you enable chroot, you can start an application in a specified directory and enable all its
users access to that directory and the directories below it. It prevents users from using the cd
command to access directories at a higher level. Use this functionality to enable restricted file
and directory access to users of a particular application. This is not an end-user feature. The
system administrator must enable the chroot functionality for an application. All users of that
application will automatically be subject to the restrictions imposed by chroot.
See the README file at /opt/ssh/README.hp for more information on setting up the chroot
functionality. The chroot setup script is available at /opt/ssh/utils/
ssh_chroot_setup.sh.
Frequently Asked Questions (FAQ)
This section discusses questions frequently asked about HP-UX Secure Shell.
1 What is the difference between HP-UX Secure Shell A.05.00 and OpenSSH 5.0p1?
OpenSSH 5.0p1 is a free version of the SSH protocol suite of network connectivity tools that
increasing numbers of people on the Internet are coming to rely on. OpenSSH supports SSH
protocol versions 1.3, 1.5, and 2.0.
HP-UX Secure Shell is a binary package compiled with support for PAM, gssapi, krb5, libwrap,
and no support for Smartcard. HP-UX Secure Shell is built to install and un-install using the
SD-UX utility and includes all required pre-requisites.
2 How do I find out the version of HP-UX Secure Shell I am using? How do I find out whether
I am running HP-UX Secure Shell or the public domain version of OpenSSH?
Use the swlist command to display the name and version number of HP-UX Secure Shell.
For example:
# swlist grep T1471AA
T1471AA A.05.00 HP-UX Secure Shell
You can also use the what command shown in the example below:
# what /usr/bin/scp
3
Is libwrap.a linked in HP-UX Secure Shell? Must I only configure hosts.allow and
hosts.deny to use the access control provided by tcp_wrapper?
Yes, the libwrap.a archive library consisting of tcp_wrapper version 7.6-ipv6.4,
is linked to HP-UX Secure Shell. You only need to configure hosts.allow and hosts.deny
to use the access control provided by tcp_wrapper.
4
Is HP-UX Secure Shell vulnerable to the reported double free bug in the zlib compression
algorithm documented at http://www.cert.org/advisories/CA-2002-07.html?
10 HP-UX Secure Shell A.05.30