HP-UX Secure Shell A.06.20.004, A.06.20.005, and A.06.20.006 Release Notes (5900-3159, July 2013)
Defects fixed in HP-UX Secure Shell A.06.20.001, A.06.20.002, and
A.06.20.003
• Fixed the issue to properly display the Korean banner message properly when user connects
with SSH.
• Added a new sshd_config keyword DisplayHostNameInAuditLog to have the hostname
reported in syslog for ssh. This new config option logs the hostname in addition to the IP
Address in syslog.
• Added the sshd_config option AuthorizedKeysCommand to obtain the authorized_keys
from a command in addition to (or instead of) the fetching from the filesystem. The command
is executed under an account specified by an AuthorizedKeysCommandUser
sshd_config option.
• Fixed the issue to prevent the hanging of scp and sftp commands when you enable keystroke
logging using HPUX-RBAC (HP-UX Role-Based Access Control).
Known problems and workarounds
The following are the known problems and workarounds in HP-UX Secure Shell A.06.20:
• WARNING! Do not specify user specific information during configuration of host-based
authentication. Host-based authentication supports only authentication of hosts. It does not
allow user-specific authentication. When the user configures the host-based authentication
with the following, # cat /etc/hosts.equivmyhost.mydomain.com specificuser,
it allows the specificuser@myhost.mydomain.com to login to any local account on the
remote machine.
• The base code of OpenSSH 6.2p2 supports logging of sftp transactions. LogFacility
and LogLevel options are added to sftp-server as command-line options to log these
transactions. As a result, the following directives are not supported in this release of HP-UX
Secure Shell:
◦ #LogSftp no
◦ #SftpLogFacility AUTH
◦ #SftpLogLevel INFO
• The following SMSE behavior is seen in this version of HP-UX Secure Shell:
Audit log messages show repeated entries for a user. This occurs because bad login attempts
are logged in the audit file.
6 HP-UX Secure Shell A.06.20