System Administration
Showing results for 
Search instead for 
Did you mean: 

Installing SSH (OpenSSH) on HP-UX 11.00 and 10.20

Jared Rudy

Installing SSH (OpenSSH) on HP-UX 11.00 and 10.20

HP doesn't supply SecureShell (HP's renamed OpenSSH) for versions older then HP-UX 11iv1. HP cannot call it OpenSSH for legal reasons so they simple call it SecureShell. To install OpenSSH on older version of HP-UX follow the following instructions. Note this document was written using HP-UX 11i (B.11.00).

1. Visit Merijn's HP-UX software download page:
Locate section for your particular setup and download zlib, OpenSSL and OpenSSH:
For HP-UX 11.00 32 bit:
OpenSSH 4.0p1
OpenSSL 0.9.7d

2. Install
Extract and rename to
Move to correct directory: mv /usr/local/lib/
SSH looks for in /pro/local/lib which most likely doesn't exist on your system. To fix this create a symbolic for /pro to /usr: ln -s /usr/ /pro
Update to correct permissions: chmod 755 /usr/local/bin/

3. Install openssl then openssh:
swinstall -s /full/path/
swinstall -s /root/temp/

4. OpenSSH uses a random number generator to create unique keys. HP-UX 10.20 and 11.00 don't have a strong random number generator so if one attempts to use ssh after installing the above software will receive error: PRNG is not seeded. It might be possible in your environment to download, compile and install a strong random number generator; but most likely not, so to seed PRNG manually do the following:

echo â j;ldsajf;lkjaf;ladsjf;l_a whole bunch of garbage_ kdja;lfjdasl;fjaâ > /dev/random
echo â j;ldsajf;lkjaf;ladsjf;l_a whole bunch of garbage_ kdja;lfjdasl;fjaâ > /dev/urandom

5. You now can connect to a UNIX or Linux server using ssh

Starting the SSH server:
1. Need to create keygen (from normal user):
ssh-keygen -t rsa -b 2048 -f /usr/local/etc/ssh_host_rsa_key
ssh-keygen -t dsa -b 2048 -f /usr/local/etc/ssh_host_dsa_key
2. Add following line to /etc/passwd (Takes care of error: Privilege separation user sshd does not exist)
echo "sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin" >> /etc/passwd
Create â emptyâ Directory and set proper permissions:
mkdir /var/empty
chown root:root /var/empty
chmod 744 /var/empty

3. Start service: /usr/local/sbin/sshd &

Hopefully this will be useful to any of the poor fools like me who are stuck keeping one of these aging systems going.