HPE Community
Operating System - HP-UX
1833728 Members
2894 Online
110063 Solutions
New Discussion

HP-UX Secure Shell Encrypts Remote Network Traffic

 
HP-UX Secure Shell Team
Occasional Contributor

‎06-17-2002 03:47 PM

‎06-17-2002 03:47 PM

HP-UX Secure Shell Encrypts Remote Network Traffic

Hi Everyone,

Thought you'd be interested to know that Secure Shell technology is now available with HP-UX. You can download HP-UX Secure Shell A.03.10, based on OpenSSH 3.1p1, at http://software.hp.com. HP-UX Secure Shell transparently encrypts remote network traffic for HP-UX 11.0 and 11i. It provides stronger security than the traditional ftp, remsh, telnet, and rcp services. Best of all, it is free of charge! HP supports HP-UX Secure Shell for no additional cost to customers with HP-UX Support Agreements.

If you have questions about HP-UX Secure Shell, look for answers in the HP-UX Secure Shell Frequently Asked Questions available by searching the ITRC for "Secure Shell FAQs".

You can also learn more about the product by reading the documentation located in /opt/ssh/readme.

Best Regards,
Mike
0 Kudos
Reply
7 REPLIES 7
Steven Sim Kok Leong
Honored Contributor

‎06-17-2002 06:06 PM

‎06-17-2002 06:06 PM

Re: HP-UX Secure Shell Encrypts Remote Network Traffic

Hi,

Great! I gather that this release from HP will solve the interoperability issues with TCB password policies which occurs in third-party OpenSSH distributions.

Regards.

Steven Sim Kok Leong
0 Kudos
Reply
Craig Rants
Honored Contributor

‎06-19-2002 06:07 AM

‎06-19-2002 06:07 AM

Re: HP-UX Secure Shell Encrypts Remote Network Traffic

I would also ask the same, really what were the compile time options

prefix=/opt/openssh2

--sysconfdir=/opt/openssh2/etc --with-pam

--with-ssl-dir=/usr/local/openssl/lib

--with-default-path=/bin:/usr/bin:/opt
/openssh2/bin


If not, you could probably expect some follow up requests to have these options added...

Craig
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
HP-UX Secure Shell Team
Occasional Contributor

‎06-20-2002 01:48 PM

‎06-20-2002 01:48 PM

Re: HP-UX Secure Shell Encrypts Remote Network Traffic

Hi,

We do support HP-UX trusted systems, so the answer to the TCP password policies is that it should interoperate with HP-UX secure shell, but we did not test with every flavor of Secure Shell released.

Regards,
-Mike
0 Kudos
Reply
HP-UX Secure Shell Team
Occasional Contributor

‎06-20-2002 01:49 PM

‎06-20-2002 01:49 PM

Re: HP-UX Secure Shell Encrypts Remote Network Traffic

I meant TCB, sorry for the typo.

Regards,
-Mike

0 Kudos
Reply
Deshpande Prashant
Honored Contributor

‎06-20-2002 02:22 PM

‎06-20-2002 02:22 PM

Re: HP-UX Secure Shell Encrypts Remote Network Traffic

HI
That's great.
Does this version support the password expiry policies. The earlier version from HP software porting center (3.1) did not prompt for password change at expiration.

Thanks.
Prashant.
Take it as it comes.
0 Kudos
Reply
HP-UX Secure Shell Team
Occasional Contributor

‎06-20-2002 03:07 PM

‎06-20-2002 03:07 PM

Re: HP-UX Secure Shell Encrypts Remote Network Traffic


The compile time options are documented in the Makefile in the /opt/ssh/src/ssh directory

PAM is enabled and we tested pam_unix, pam_kerberos, and pam_ldap. It should work with any well behaved pam module, but we did not try them all.

The common ssh* files are delivered into /opt/ssh/bin and /usr/bin/ssh* files and are symlinked to /opt/ssh/bin. So typing ssh or slogin after install should be all that is needed to start using HP-UX secure shell.

The system-wide config files are at /etc/opt/ssh.

The openssl,zlib, and libwrap libraries are archive linked to the executables so you do not need to install those components separately.

We dynamically load kerberos on 11.0 so if you want to use kerberos V you first need install PAM kerberos on 11.00 and secure shell will make use of kerberos once it is installed and configured. PAM kerberos is another free product at www.software.hp.com If you need a kerberos server as well there is free one available at www.software.hp.com. This kerberos server is based on the source code for CyberSafe kerberos server.

Regards,
-Mike
0 Kudos
Reply
Steven Sim Kok Leong
Honored Contributor

‎06-20-2002 11:23 PM

‎06-20-2002 11:23 PM

Re: HP-UX Secure Shell Encrypts Remote Network Traffic

Hi,

Deshpande Prashant is right on the dot about the password policy issues faced with many non-HP releases of SSH.

I encountered the same issue also with SSH Communications ssh release ssh-3.1.0.

In my earlier post, I was hoping that this issue has already been resolved in HP's port.

Hope this helps. Regards.

Steven Sim Kok Leong
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.