Manualshelf

HP-UX Secure Shell Getting Started Guide

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
71727374757677787980
GatewayPorts
Use this directive to ensure that the sshd daemon enables remote port forwardings to bind to
non-loopback IP addresses, and enables other hosts to connect. Use one of the following arguments
with this directive:
no
Forces remote port forwardings to be available to the local host only.
YES
Forces remote port forwardings to bind to the wildcard addresses.
clientspecified
Enables the client to select the address to which the port must be
forwarded. If GatewayPorts is set to clientspecified, the SSH
server honours the binding address specified for remote port forwarding.
The default setting is no.
For example:
GatewayPorts no
GSSAPIAuthentication
Use this directive to specify whether GSS-API can be used to authenticate users.
The default setting is no.
For example:
GSSAPIAuthentication no
GSSAPICleanupCredentials
Use this directive to specify whether the user credentials must be automatically destroyed on
logout.
The default setting is YES.
For example:
GSSAPICleanupCredentials YES
GSSAPIEnableMitmAttack
Use this directive to enable GSS-API authentication for the server.
TIP: Set this directive to YES for older versions of HP-UX Secure Shell clients to connect to an
HP-UX Secure Shell A.04.20 server using GSS-API authentication.
The GSSAPI_WITH_MIC authentication method was introduced in HP-UX Secure Shell 3.8, but
a patch was provided to maintain compatibility with the previous GSS-API authentication
method. This patch enables older versions of the client to connect to newer versions of the server
using GSS-API authentication. Similarly, newer versions of the client can connect to older versions
of the server.
To enable the server to support the older GSS-API authentication methods, set this directive to
YES.
The default setting is no.
For example:
GSSAPIEnableMitmAttack YES
NOTE: This directive is available for the SSH-2 protocol only.
HostbasedAuthAllowUsers
This configuration directive has been introduced by the 3rd party Auth Selection patch. Use this
configuration directive to specify which users can authenticate using host based authentication.
The default setting is to allow all users.
Server Configuration Directives 71