Manualshelf

HP-UX Secure Shell A.05.30.008 and A.05.30.009 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
12345678910
#SftpUmask
#SftpPermitChmod yes
#SftpPermitChown yes
This patch supersedes the sftplogging patch for HP-UX Secure Shell versions A.04.50 and
higher.
Defects Fixed in OpenSSH5.3p1
The HP-UX Secure Shell version A.05.30 is based on OpenSSH5.3p1 and include the defect fixes
mentioned in Table 1-2.
Table 1-2 Defects Fixed in OpenSSH5.3p1
Defect FixDefect Identifier
Background Information: SSHFS causes link() to return ENOSYS, if someone writes
the necessary code to interface the sshfs userspace program(s) with HP-UX kernel,
SSHFS works on HP-UX.
Accept ENOSYS as a fallback error when attempting atomic rename().
Bugzilla #1535
Background Information: Search the path for the krb5-config file if the prefix was
not specified.
Fix detection of krb5-config.
Bugzilla #1639
Fix test for server-assigned remote forwarding port for non-root users.Bugzilla #1578
Documentation errors are fixed.
OpenSSH 5.3p1 also includes fixes for some security vulnerabilities.
For more information on these defect fixes, see the Bugzilla Website at: http://bugzilla.mindrot.org.
Defects Fixed in HP-UX Secure Shell A.05.30
HP-UX Secure Shell versions A.05.30. include defect fixes and new features.
For more information on these defect fixes, see the Bugzilla Website at: http://bugzilla.mindrot.org.
Known Problems and Workarounds
Following are the known problems and workarounds in HP-UX Secure Shell A.05.30:
Do NOT specify user specific information during configuration of host-based authentication.
Host-based authentication supports only authentication of hosts. It does not allow
user-specific authentication. When, user configures the host-based authentication with the
following, # cat /etc/hosts.equivmyhost.mydomain.com specificuser, it
allows the specificuser@myhost.mydomain.com to login into any local account on the
remote machine.
The base code of OpenSSH 5.3p1 and above supports logging of sftp transactions.
LogFacility and LogLevel options are added to sftp-server as command-line options
to log these transactions. As a result, the following directives are not supported in this release
of HP-UX Secure Shell:
#LogSftp no
#SftpLogFacility AUTH
#SftpLogLevel INFO
The following SMSE behavior is seen in this version of HP-UX Secure Shell:
Audit log messages show repeated entries for a user. This occurs because bad login attempts
are logged in the audit file. For example, a user trying Public key authentication with bad
6 HP-UX Secure Shell A.05.30