HP-UX 11i June 2001 Release Notes

Internet and Networking Services
Base HP-UX Internet Services (new at 11i original release)
Chapter 10 199
services. This limitation has been eliminated with the introduction of the
“PAM-ized” modules. By PAM-izing rexec and remsh services, users
belonging to other authenticating services like DCE Integrated Login
can use the remsh and rexec services.
/etc/pam.conf File Changes
To use PAM-ized rexec and remsh, the following lines have to be added
to the /etc/pam.conf file:
rcomds auth required /usr/lib/security/libpam_unix.1
rcomds account required /usr/lib/security/libpam_unix.1
Using PAM-ized remshd in Secure Internet Services (SIS)
Environment
rexecd is not Kerber-ized and hence will not work in the SIS
environment. However, remshd is Kerber-ized. To take advantage of the
PAM-ized modules, add the following line to the /etc/pam.conf file.
rcomds auth required /usr/lib/security/libpam_dce.1
Also in the Kerberos environment, remshd has command line options for
combining the UNIXmethod and theKerberos method of authentication.
These command line options can be set in the /etc/inetd.conf file for
the kremshd service. Refer to the kremshd (1M) manpage for a more
detailed description of the options available.
Changes for GateD
With HP-UX 11i, the HELLO protocol of GateD will be obsoleted and no
longer supported.
The BGP protocol available with GateD-3.5.9 on HP-UX 11.0 is also
available and supported on HP-UX 11i.
DHCP with Nonsecure DNS Updates
The Dynamic Host Control Protocol (DHCP) available on HP-UX 11i is
capable of updating the Dynamic Domain Name Server (DDNS). This
feature updates the DDNS with name and IP address of the client. This
means that for every client to which DHCP assigns a name and IP
address, it also adds an “A” and “PTR” resource record (RR) of that client
to the DDNS.