Manualshelf

HP-UX Secure Shell Getting Started Guide

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
88899091929394959697
ask HP-UX Secure Shell adds the new host keys to the users known_hosts file after
confirming with the user. HP-UX Secure Shell then does not connect to hosts with changed
host key. The host keys of known hosts are verified automatically.
The default setting is ask.
For example:
StrictHostKeyChecking ask
TCPKeepAlive
Use this directive to specify whether the client must send TCP keep alive messages to the server.
If TCP keep alive messages are sent, the client notices termination of the connection or a server
crash. However, HP-UX Secure Shell also terminates connections if the route is down temporarily.
The default setting is YES, which sends TCP keepalive messages. The client notices if the network
goes down or the server terminates. To disable TCP keep alive messages, set TCPKeepAlive to
no.
For example:
TCPKeepAlive yes
UserPrivilegedPort
Use this directive to specify whether to use a privileged port for outgoing connections.
The default setting is no.
For example:
UserPrivilegedPort no
NOTE: This option must be set to YES for RhostsRSAAuthentication with older versions
of HP-UX Secure Shell.
User
Use this directive to specify the user to log in to the system. Use this directive when different
user names are used on different systems. With this directive, you do not have to specify the
user name on the command line.
The default value is null.
For example:
User john
UserKnownHostsFile
Use this directive to specify a file to use for the user host key database rather than the $HOME/
.ssh/known_hosts file.
The default value is $HOME/.ssh/known_hosts.
For example:
UserKnownHostsFile /home/john/.ssh/new_known_hosts
VerifyHostKeyDNS
Use this directive to specify whether or not to verify the remote key using DNS and SSHFP
resource records.
Following are some valid values for the VerifyHostKeyDNS directive:
yes Specifies that the client implicitly trusts keys that match a secure fingerprint from DNS.
ask Displays information when fingerprints match.
The default setting is no.
For example:
94 Configuration Files and Directives