Operating System - HP-UX
1834481 Members
3301 Online
110067 Solutions
New Discussion

kernel parameter for sshd devices

 
KOGOE
Advisor

kernel parameter for sshd devices

I have download ssh and install it on my system HP-UX 11i v1;I would like to configure all users emulator to use ssh instead of telnet to connect to the server.There are 300 users who connect simultaneously to the system; the problem is that I'm wondering to run out off sshd devices. I would like to know the kernel paramater (as nstrtel for telnet ) to configure to have 300 sshd maximum
7 REPLIES 7
Muthukumar_5
Honored Contributor

Re: kernel parameter for sshd devices

To block telnet session simply use,

configure /etc/profile as,

ps | grep -q 'telnet'
if [[ ${?} -eq 0 ]]
then
echo "Please use ssh. Telnet access is denied"
sleep 3
exit 1
fi

will do it.

--
Muthu
Easy to suggest when don't know about the problem!
Arunvijai_4
Honored Contributor

Re: kernel parameter for sshd devices

Hello,

Easy method is, comment telnetd service in /etc/inetd.conf,

#telnet stream tcp nowait root /usr/lbin/telnetd telnetd

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
Muthukumar_5
Honored Contributor

Re: kernel parameter for sshd devices

I hope no specific kernel parameter for ssh service as like telnet. See this:

http://docs.hp.com/en/939/KCParms/KCparams.OverviewAll.html

May be nstrpty, npty is needed.

--
Muthu
Easy to suggest when don't know about the problem!
Arunvijai_4
Honored Contributor

Re: kernel parameter for sshd devices

Hi,

Check this thread,

https://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=949625

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
Jean-Yves Picard
Trusted Contributor

Re: kernel parameter for sshd devices

Hello,

I do not think there is such things as sshd devices.

sshd man page didn't mention it.

you may run out of process, but if you already have 300 telnet user, you won't run out of process for 300 ssh user.

Jean-Yves Picard

You didn't ask for it, but since every one seems to give advice ...

see my answer on how to disable telnet with a warning message in http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1004287

Armin Kunaschik
Esteemed Contributor

Re: kernel parameter for sshd devices

telnet uses "telnet" devices (pts/t*). The number of therse devices is configure with kernel parameter nstrtel.
ssh uses normal pseudo terminal devices (pts/_number_)
The number of these devices is configured with the kernel parameters npty and nstrpty.

You may need to create new devices if you increase these values like
/sbin/insf -d ptym -n XX
/sbin/insf -d ptys -n XX
/sbin/insf -d pts -s XX

see man ioscan for details.

My 2 cents,
Armin

PS: Please assign points if you find answers useful!
And now for something completely different...
KOGOE
Advisor

Re: kernel parameter for sshd devices

ok thank u
Bye