HP-UX 11i December 2006 Release Notes
Security
HP-UX Secure Shell
Chapter 8
148
HP-UX Secure Shell
HP-UX Secure Shell 04.30.006 is based on the public domain OpenSSH 4.3p2. The
client/server architecture supports the SSH-1 and SSH-2 protocols and provides secured
remote login, file transfer, and remote command execution.
Summary of Change
• In September 2005, HP-UX Secure Shell version A.04.00 was delivered for the first
time on the HP-UX 11i v1 Operating Environments, and provided the following
features:
— Address binding for port forwarding connections
— Remote binding control
— Hashing of host names and addresses
— Includes new ssh-keygen (1) options
— Improved logging of connection sources
— Improved handling of bad data in authorized_keys files
— Improved connection multiplexing support in ssh (1)
— Output from failing PAM session modules
— Choice of AddressFamily configuration directive in sshd_config (server)
— New configuration directives in ssh_config (client):
— HashKnownHosts
— KbdInteractiveDevices
— Use of untrusted cookies for X11-forwarding
— Support for sending application layer keep-alive messages to the server
— Updated /etc/moduli file
— Support for GSSAPI replaced with GSSAPI-With-MIC
• In version A.04.10, HP-UX Secure Shell provided the following features and other
changes:
— Audit logging of login and logout events, and system calls for HP-UX 11.0 and
11iv1
— Enforcement of the max-bad-login-attempt limit for key-based authentication
methods
— Modified utmp(s) log record with a telnet-compatible ut_id format
— New zlib version 1.2.3
• In version A.04.20, HP-UX Secure Shell provided the following features and other
changes:
— High Performance Enabled SSH/SCP patch