HP-UX Secure Shell A.05.60.001, A.05.60.002, and A.05.60.003 Release Notes, October 2010 (5900-1115)
2. Insert the software CD into the appropriate drive if installing from the Application Release
CD. If installing from http://software.hp.com, download the depot and use the swinstall
directions provided on the Installation page where you downloaded the software.
3. Run $ swinstall -s <fully-qualified depot source path> at the command
prompt.
4. In the Source Depot Path field, enter the drive mount point and click OK. Change
theSource Host Name, if needed.
5. Select T1471AA (for HP-UX 11i V1 and HP-UX 11i V2) or SecureShell (for HP-UX 11i
V3) from the list of available software, and click Mark for Install on the Actions menu.
6. Click Install on the Actions menu.
7. Click OK in the Install Analysis window when the Status field displays a Ready message.
8. Click Yes. The swinstall command loads the HP-UX Secure Shell files on the system in
approximately 3 to 5 minutes.
NOTE: The sshd daemon is pre-configured, and it is started after installation.
The swinstall command installs HP-UX Secure Shell in the /opt/ssh/ directory.
HP-UX Secure Shell and chroot Environments
HP-UX Secure Shell version A.05.60 supports chroot functionality for the ssh, sftp, and scp
commands. The chroot functionality is mainly used as an added security measure.
When you enable chroot, you can start an application in a specified directory and enable access
for all its users to that directory and the directories below it. It prevents users from using the cd
command to access directories at a higher level. Use this functionality to enable restricted file
and directory access to users of a particular application. This is not an end-user feature. The
system administrator must enable the chroot functionality for an application. All users of that
application will automatically be subject to the restrictions imposed by chroot.
See the README file at /opt/ssh/README.hp for more information on setting up the chroot
functionality. The chroot setup script is available at /opt/ssh/utils/
ssh_chroot_setup.sh.
Frequently Asked Questions (FAQ)
This section discusses questions frequently asked about HP-UX Secure Shell.
1 What is the difference between HP-UX Secure Shell A.05.60 and OpenSSH 5.6p1?
OpenSSH 5.6p1 is a free version of the SSH protocol suite of network connectivity tools that
increasing numbers of people on the Internet are coming to rely on. OpenSSH supports SSH
protocol versions 1.3, 1.5, and 2.0.
HP-UX Secure Shell is a binary package compiled with support for PAM, gssapi, krb5,
libwrap, and no support for Smartcard. HP-UX Secure Shell is built to install and un-install
using the SD-UX utility and includes all required pre-requisites.
2 Why should Secure Shell be used?
The standard services for interactive sessions on remote machines lack sufficient security.
This results in the server system becoming vulnerable to a wide variety of attacks. Secure
Shell offers strong encryption during authentiication and for the entire duration of the session,
which makes it a perfect replacement for these services.
3 How does Secure Shell authenticate?
Secure Shell authenticates using one or more of the following:
• Password (the /etc/passwd or /etc/shadow in UNIX)
• User public key (RSA or DSA, depending on the release)
• Kerberos5/GSSAPI for SSH-2
HP-UX Secure Shell and chroot Environments 15