HP-UX Secure Shell A.05.80.001, A.05.80.002, and A.05.80.004 Release Notes, July 2011 (5900-1844)
# what /usr/bin/scp
16 Is libwrap.a linked in HP-UX Secure Shell? Must I only configure hosts.allow and
hosts.deny to use the access control provided by tcp_wrapper?
Yes, the libwrap.a archive library consisting of tcp_wrapper version 7.6-ipv6.4,
is linked to HP-UX Secure Shell. You only need to configure hosts.allow and hosts.deny
to use the access control provided by tcp_wrapper.
17 Is HP-UX Secure Shell vulnerable to the reported double free bug in the zlib compression
algorithm documented at http://www.cert.org/advisories/CA-2002-07.html?
All versions of HP-UX Secure Shell starting from A.03.10 are built with support for zlib-1.1.4
or later. So, HP-UX Secure Shell is not affected by the bug described above.
HP-UX Secure Shell versions A.05.80.001, A.05.80.002, and A.05.80.004 are built with
zlib v1.2.3.
18 Is HP-UX Secure Shell vulnerable to the following CERTs: http://cve.mitre.org/cgi-bin/
cvename.cgi?name=CAN-2003-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?
name=CAN-2003-0131?
This version of HP-UX Secure Shell is built with OpenSSL-0.9.8q and is not affected by these
two CERTs. The vulnerabilities were fixed in OpenSSL-0.9.7d.
19 What options is HP-UX Secure Shell compiled with?
HP-UX Secure Shell is compiled with the following options:
• Options defined in config.h:
#define USE_PAM 1◦
◦ #define IPV4_IN_IPV6 1
◦ #define GSSAPI 1
◦ #define KRB5 1
◦ #define LIBWRAP 1
◦ #define HAVE_MD5_PASSWORDS 1
◦ #undef SMARTCARD
• Options defined in ssh.h:
#define SSH_DEFAULT_PORT 22◦
◦ #define SSH_SERVICE_NAME ssh
• Options defined in makefile:
◦ prefix=/opt/ssh
◦ mandir=/opt/ssh/share/man
◦ piddir=/var/run
◦ PRIVSEP_PATH=/var/empty
◦ bindir=/opt/ssh/bin
◦ sbindir=/opt/ssh/sbin
◦ xauth_path=/usr/bin/X11/xauth
◦ sysconfdir=/opt/ssh/etc
◦ LIBPAM=-lpam
◦ LIBWRAP=-lwrap
20 As Cisco routers and switches are enabled with SSH-1 and use only DES, how do I configure
HP-UX Secure Shell to work with CISCO SSH-1?
14 HP-UX Secure Shell A.05.80