HP-UX Secure Shell Getting Started Guide
Table 6-1 Configuration Directives to Configure the HPN Patch (continued)
FunctionalityLocationConfiguration Directive
Use this configuration directive to
switch the encryption cipher to the
None cipher after the user is
authenticated. You must enable
NoneEnabled on the client and server
before enabling NoneSwitch. The
default value of this directive is no.
NOTE: You cannot use the None
cipher in interactive Shell sessions. If
you do so, HP-UX Secure Shell fails
without displaying any error
messages.
Present on client
NoneSwitch=[yes/no]
Use this configuration directive to
disable the HPN functionality. You can
disable HPN if the impact of the HPN
code produces a net decrease in
performance. This can happen
sometimes when there are transfers on
a local area network. By default
HPNDisabled is set to yes.
Present on client and server
HPNDisabled=[yes/no]
Use this configuration directive to set
the buffer size when interacting with
Secure Shell installations that do not
have the HPN patch. The value of this
directive ranges from 1 KB to 14 MB.
The default value of this directive is 2
MB. If TcpRecvBufPoll is set to YES,
this overrides the value specified in
HPNBufferSize.
CAUTION: Use of oversized or
undersized buffers can cause
performance issues depending on the
length of the network path.
Present on client and server
HPNBufferSize=[int] KB
NOTE: A client with the HPN patch can work with a non-HPN-enabled sshd server. However,
the client-server connection does not result in optimal performance. While establishing a
connection, the ssh client checks the server version. If the server version has a -hpn suffix, the
client assumes that the server is HPN-enabled, and dynamically adjusts the window size based
on the tcp buffer size. If the server version does not have a -hpn suffix, the client assumes that
the server does not have the HPN patch, and retains the window size to 128 KB.
Changes in the ssh Command due to the HPN Patch
The following changes are made to the ssh command, because of the inclusion of the HPN patch:
• The -w option is replaced with the TcpRecvBuf configuration directive
• A new -z option is introduced to support the None cipher.
58 Enabling HP-UX Secure Shell to Take Advantage of High Speed Networks