HPE Community
Operating System - HP-UX
1836753 Members
2697 Online
110109 Solutions
New Discussion

kernel parameter for sshd devices

 
KOGOE
Advisor

‎03-14-2006 08:16 PM

‎03-14-2006 08:16 PM

kernel parameter for sshd devices

I have download ssh and install it on my system HP-UX 11i v1;I would like to configure all users emulator to use ssh instead of telnet to connect to the server.There are 300 users who connect simultaneously to the system; the problem is that I'm wondering to run out off sshd devices. I would like to know the kernel paramater (as nstrtel for telnet ) to configure to have 300 sshd maximum
0 Kudos
Reply
7 REPLIES 7
Muthukumar_5
Honored Contributor

‎03-14-2006 08:20 PM

‎03-14-2006 08:20 PM

Re: kernel parameter for sshd devices

To block telnet session simply use,

configure /etc/profile as,

ps | grep -q 'telnet'
if [[ ${?} -eq 0 ]]
then
echo "Please use ssh. Telnet access is denied"
sleep 3
exit 1
fi

will do it.

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Reply
Arunvijai_4
Honored Contributor

‎03-14-2006 08:22 PM

‎03-14-2006 08:22 PM

Re: kernel parameter for sshd devices

Hello,

Easy method is, comment telnetd service in /etc/inetd.conf,

#telnet stream tcp nowait root /usr/lbin/telnetd telnetd

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎03-14-2006 08:24 PM

‎03-14-2006 08:24 PM

Re: kernel parameter for sshd devices

I hope no specific kernel parameter for ssh service as like telnet. See this:

http://docs.hp.com/en/939/KCParms/KCparams.OverviewAll.html

May be nstrpty, npty is needed.

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Reply
Arunvijai_4
Honored Contributor

‎03-14-2006 08:25 PM

‎03-14-2006 08:25 PM

Re: kernel parameter for sshd devices

Hi,

Check this thread,

https://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=949625

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Reply
Jean-Yves Picard
Trusted Contributor

‎03-14-2006 08:34 PM

‎03-14-2006 08:34 PM

Re: kernel parameter for sshd devices

Hello,

I do not think there is such things as sshd devices.

sshd man page didn't mention it.

you may run out of process, but if you already have 300 telnet user, you won't run out of process for 300 ssh user.

Jean-Yves Picard

You didn't ask for it, but since every one seems to give advice ...

see my answer on how to disable telnet with a warning message in http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1004287

0 Kudos
Reply
Armin Kunaschik
Esteemed Contributor

‎03-15-2006 08:59 PM

‎03-15-2006 08:59 PM

Re: kernel parameter for sshd devices

telnet uses "telnet" devices (pts/t*). The number of therse devices is configure with kernel parameter nstrtel.
ssh uses normal pseudo terminal devices (pts/_number_)
The number of these devices is configured with the kernel parameters npty and nstrpty.

You may need to create new devices if you increase these values like
/sbin/insf -d ptym -n XX
/sbin/insf -d ptys -n XX
/sbin/insf -d pts -s XX

see man ioscan for details.

My 2 cents,
Armin

PS: Please assign points if you find answers useful!
And now for something completely different...
0 Kudos
Reply
KOGOE
Advisor

‎03-15-2006 10:34 PM

‎03-15-2006 10:34 PM

Re: kernel parameter for sshd devices

ok thank u
Bye
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.