HP-UX 11i Version 2 June 2007 Release Notes
Security
HP-UX Secure Shell
Chapter 8
188
Documentation
For further information, see the HP-UX 11i Security Containment Administrator's
Guide: HP-UX Servers and Workstations at
http://docs.hp.com/en/5991-1821/index.html
Obsolescence
Not applicable.
HP-UX Secure Shell
HP-UX Secure Shell A.04.40.005, A.04.40.010, and A.04.40.011, based on OpenSSH
4.4p1, offers transparent encrypted security for HP-UX 11i v1, HP-UX 11i v2, and
HP-UX 11i v3. The client/server architecture supports the SSH-1 and SSH-2 protocols
and provides secured remote login, file transfer, and remote command execution. HP-UX
Secure Shell A.04.40.011 is supported on the HP-UX 11i v2 operating system.
Following lists the availability of HP-UX Secure Shell products on HP-UX 11i v1, 11i v2,
and 11i v3:
• A.04.40.010 - HP-UX 11i v1
• A.04.40.011 - HP-UX 11i v2
• A.04.40.005 - HP-UX 11i v3
Summary of Change
Following are the new features introduced in HP-UX Secure Shell Versions A.04.40.005,
A.04.40.010, and A.04.40.011:
•The ssh ControlMaster directive for Connection Sharing now allows users to share
up to 128 sessions
• The High Performance Enabled SSH/SCP (HPN) patch provides improved
performance for remote-to-local and local-to-remote file transfers.
The following new features introduced in OpenSSH4.4p1 are also included in HP-UX
Secure Shell Versions A.04.40.005, A.04.40.010, and A.04.40.011:
• Introduction of the match configuration directive to enable you to specify
configuration options based on user, group, hostname, or address.
• Support for Diffie-Hellman Group Exchange Key Agreement
• New configuration directives introduced in the sshd_config file:
— The ForceCommand directive-forces the execution of the command specified by
ForceCommand, ignoring any other command supplied by the client.
— The PermitOpen directive-specifies the destinations to which TCP port
forwarding is permitted.