HPE Community
Operating System - HP-UX
1825859 Members
3116 Online
109689 Solutions
New Discussion

ssh version upgrade

 
denaro
Occasional Contributor

‎09-07-2017 11:32 PM

‎09-07-2017 11:32 PM

ssh version upgrade

Hi team! We have a vulnerability assessment in our HP-Ux boxes. As per this we  have to update the ssh version from 1 to 2 .  I check version ssh by "ssh -V"

OpenSSH_6.2p1+sftpfilecontrol-v1.3-hpn13v12, OpenSSL 0.9.8y 5 Feb 2013
HP-UX Secure Shell-A.06.20.006, HP-UX Secure Shell version

after I edit file "vi /opt/ssh/etc/ssh_config" and change Protocol 2,1 to Protocol 2

check by this command  grep -i protocol /opt/ssh/etc/sshd_config
Protocol 2
# HostKey for protocol version 1
# HostKeys for protocol version 2
# similar for protocol version 2

I restarted ssh demon but when i check version ssh? he can't change

restarted by /sbin/init.d/secsh start and stop

and by this sh /sbin/init.d/secsh start and stop

Please help

 

0 Kudos
Reply
5 REPLIES 5
Steven Schweda
Honored Contributor

‎09-08-2017 06:31 AM

‎09-08-2017 06:31 AM

Re: ssh version upgrade

> [...] I check version ssh by "ssh -V"

   A better start would be "uname -a".

> OpenSSH_6.2p1+sftpfilecontrol-v1.3-hpn13v12, OpenSSL 0.9.8y 5 Feb 2013
> HP-UX Secure Shell-A.06.20.006, HP-UX Secure Shell version

   Before I started playing with configuration files on an obsolete
version of Secure Shell, I'd investigate a current version of Secure
Shell.  For example, a search for "secure shell" at hpe.com led to:
https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA


> I restarted ssh demon but when i check version ssh? he can't change

   Did you expect to change the _program_ version by editing a
configuration file?

0 Kudos
Reply
Bill Hassell
Honored Contributor

‎09-08-2017 06:52 AM - edited ‎09-08-2017 06:53 AM

‎09-08-2017 06:52 AM - edited ‎09-08-2017 06:53 AM

Re: ssh version upgrade

The protocol (as well as the dozens of other parameters in sshd_config) will not change the version. You can verify that protocol 1 won't work by running ssh -1 <yourHP-UXhost> from a remote system and looking at the result. It should say:

# ssh -1 atl6 date
Protocol major versions differ: 1 vs. 2
#

and will not connect.

The man page for ssh shows the command line options.



Bill Hassell, sysadmin
0 Kudos
Reply
denaro
Occasional Contributor

‎09-10-2017 12:23 AM

‎09-10-2017 12:23 AM

Re: ssh version upgrade

I checked connect by ssh -1 <yourHP-UXhost>  and he gave message

Protocol major versions differ: 1 vs. 2

when i tried connect by  ssh -2 <yourHP-UXhost> he asked password. It's mean ssh change yourself protocol?

0 Kudos
Reply
denaro
Occasional Contributor

‎09-10-2017 12:27 AM

‎09-10-2017 12:27 AM

Re: ssh version upgrade

Did you expect to change the _program_ version by editing a
configuration file?

I read manuals and many manuals say than change this configuration files and your ssh change protocol to v2

0 Kudos
Reply
Bill Hassell
Honored Contributor

‎09-10-2017 03:20 PM

‎09-10-2017 03:20 PM

Re: ssh version upgrade

It sounds like ssh is working correctly. Is that right?


Bill Hassell, sysadmin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.