Hey;
I've used fsecure successfully on HP platforms. We didn't have to replace the HP's openssh implementation because we didn't have it installed at the time - something that won't be the case with 11.23.
The only problem I remember is compiling it in the first place. Once compiled, though, it was a very simple nfs mount the source, make install, on each node. Worked like a champ.
Operationally, the only major difference that I'm aware of is public key authentication:
Fsecure is a ssh version 2 compliant implementation - so there are differences in the way that public key authentication works. Make sure you understand those.
If you're going to interact with openssh servers, make sure you're aware of the ssh-keygen -e (to export openssh keys to IETF format) and -i (to import IETF keys to openssh format)
My opion is that it's actually better than openssh because fsecure will log which key was used to log in via PKA; there's no way to do that with openssh.
If I remember right, there were also some signficant differences in the ssh_config and sshd_config syntax/options. I *think* that openssh provides more options and should be a little more flexible, but it's been a couple of years since I've had access to Fsecure's man pages.
Those are the ones that I remember... Hope that helps.
Doug O'Leary
------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
