Manualshelf

HP-UX Secure Shell A.05.80.001, A.05.80.002, and A.05.80.003 Release Notes, May 2011 (5900-1754)

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
12345678910
ssh(1): Atomically” creates the listening mux socket by binding it on a temporary name and
then linking it into position after listen() has succeeded. This allows the mux clients to determine
that the server socket is either ready or stale without races. Stale server sockets are now
automatically removed. (Also fixes bz#1711)
ssh(1) or sshd(8): Added a KexAlgorithms knob to the client and server configuration to allow
selection of key exchange methods which are used by ssh(1) and sshd(8) and the order of
preference.
sftp(1) or scp(1): Factor out bandwidth limiting code from scp(1) into a generic bandwidth
limiter that can be attached using the atomicio callback mechanism and use it to add a
bandwidth limit option to sftp(1). bz#1147
Support for the Sftpfilecontrol Patch
HP-UX Secure Shell supports the Sftpfilecontrol patch. This patch enables administrators to
set the umask on sftp sessions and to control the issue of chown and chmod commands in an
sftp session. As a result, the following server configuration directives (/opt/ssh/etc/
sshd_config) related to Sftpfilecontrol are supported in this release:
#SftpUmask
#SftpPermitChmod yes
#SftpPermitChown yes
This patch supersedes the sftplogging patch for HP-UX Secure Shell versions A.04.50 and
higher.
Defects Fixed in OpenSSH 5.8p1
The HP-UX Secure Shell version A.05.80 is based on OpenSSH 5.8p1 and includes the defect
fixes mentioned in http://openssh.org/txt/release-5.7 and http://openssh.org/txt/release-5.8
OpenSSH 5.8p1 also includes fixes for some security vulnerabilities.
For more information on these defect fixes, see the Bugzilla Website at: http://bugzilla.mindrot.org.
Defects Fixed in HP-UX Secure Shell A.05.80
HP-UX Secure Shell version A.05.80 includes defect fixes and new features.
For more information on these defect fixes, see the Bugzilla Website at: http://bugzilla.mindrot.org.
Known Problems and Workarounds
The following are the known problems and workarounds in HP-UX Secure Shell A.05.80:
WARNING! Do NOT specify user specific information during configuration of host-based
authentication. Host-based authentication supports only authentication of hosts. It does not
allow user-specific authentication. When the user configures the host-based authentication
with the following, # cat /etc/hosts.equivmyhost.mydomain.com specificuser,
it allows the specificuser@myhost.mydomain.com to login to any local account on the
remote machine.
The base code of OpenSSH 5.8p1 supports logging of sftp transactions. LogFacility
and LogLevel options are added to sftp-server as command-line options to log these
transactions. As a result, the following directives are not supported in this release of HP-UX
Secure Shell:
6 HP-UX Secure Shell A.05.80