Manualshelf

HP-UX Secure Shell A.05.80.001, A.05.80.002, and A.05.80.003 Release Notes, May 2011 (5900-1754)

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
12345678910
zlib V1.2.3
OpenSSL V0.9.8q For HP-UX 11i V3, OpenSSL is a shared library
TCP Wrappers V7.6-ipv6.4
Secure Shell Versions on HP-UX
Table 1 lists the versions of HP-UX Secure Shell products available for HP-UX 11i V1, HP-UX 11i
V2, and HP-UX 11i V3.
Table 1 Availability of Secure Shell Versions on HP-UX
VersionSupported Operating System
HP-UX Secure Shell version A.05.80.001HP-UX 11i V1
HP-UX Secure Shell version A.05.80.002HP-UX 11i V2
HP-UX Secure Shell version A.05.80.003HP-UX 11i V3
Support Notice
HP provides software technical support for HP-UX Secure Shell for the latest, currently shipping
version, and the previous version of the product.
New Features
HP-UX Secure Shell version A.05.80 is based on OpenSSH 5.8p1. It is mainly a bug fix release,
however, the following new features have been included:
Implemented Elliptic Curve Cryptography modes for key exchange (EDCH) and host or user
keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance using
shorter keys than the plain DH and DSA at the same equivalent symmetric key length.
Only the mandatory sections of RFC5656 are implemented, that is, the three REQUIRED curves
nistp256, nistp384, and nistp521, ECDH and ECDSA. Point compression (optional in
RFC5656) is NOT implemented.
Certificate host and user keys using the new ECDSA key types are supported; an ECDSA key
may be certified, and an ECDSA key may act as a CA to sign certificates.
ECDH in a 256 bit curve field is the preferred key agreement algorithm when both the client
and server supports it. ECDSA host keys are preferred to learn it for the first time or you can
also learn by using ssh-keyscan(1).
sftp(1) or sftp-server(8): Added a protocol extension to support a hard link operation. It is
available through the “In” command in the client. The old “In behavior of creating a symlink
is available using its “-s option or through the pre-existing symlink command.
scp(1): Added a new —3 option to scp. In the presence of this option the copies between two
remote hosts are transferred through the local host. In the absence of this option the data is
copied directly between the two remote hosts.
ssh(1): Automatically orders the host keys requested by the client, based on the host keys
already recorded in known_hosts. This avoids host key warnings when connecting to servers
with new ECDSA keys, as these are preferred when learning host keys for the first time.
ssh(1) or sshd(8): Added a new IPQoS option to specify arbitrary TOS/DSCP/QoS values
instead of hardcoding lowdelay or throughput. bz#1733
sftp(1): The sftp client is now significantly faster at performing directory listings, using OpenBSD
glob(3) extensions to preserve the results of stat(3) operations performed in the course of its
execution rather than performing expensive round trips to fetch them again later.
Secure Shell Versions on HP-UX 5