HP-UX 11i Version 2 Release Notes (October 2003)

Security
Chapter 7
Documentation
For installation and quick configuration steps, see the HP-UX Secure Shell Release Notes
for version A.03.10 at the following URL:
http://www.docs.hp.com/hpux/internet/index.html#HP-UX%20Secure%20Shell
There are several HP-UX Secure Shell manpages available. Use the ssh manpage to
learn about HP-UX Secure Shell technology. Use the sshd manpage to learn about the
HP-UX Secure Shell daemon. The ssh and sshd manpages also contain references to
additional task-specific HP-UX Secure Shell manpages.
For answers to questions about HP-UX Secure Shell, consult the “HP-UX Secure Shell
FAQs” by searching the IT Resource Center at http://www.itrc.hp.com. Search for
keywords “HP-UX Secure Shell Frequently Asked Questions (FAQs).”
A large volume of information exists for Secure Shell technology. HP recommends
learning more by reading O'Reilly's SSH, The Secure Shell - The Definitive Guide by
Daniel J. Barrett and Richard E. Silverman.
You can also learn about Secure Shell technology at the following locations:
• OpenSSH at http://www.openssh.com
• IETF at http://www.ietf.org/ (go to Working Groups > Security)
• HP's HP-UX 11i Security book by Chris Wong. A portion of the HP-UX Secure Shell
  content is available at http://searchnetworking.techtarget.com. Go to the “Tips
  and Newsletters” section and do a search on the keywords “Chris Wong.”
Obsolescence
Not applicable.
Install-Time Security
Install-Time Security 1.0 adds a security step to the install/update process that allows
you to configure the Bastille security lockdown engine during system installation.
Summary of Change
In earlier releases, Bastille had to be downloaded and installed from the HP Software
Depot. In HP-UX 11i v2, Bastille is included in the Operating Environment, along with
Security Patch Check and IPfilter.
During an installation step, you can choose among four preconfigured levels of security
(the default is none):
Security Levels:
1. Sec00Tools - Install security infrastructure without applying security
2. Sec10Host - Host-Based Lockdown, without IPFilter configuration