HPE Community
Operating System - HP-UX
1823143 Members
3679 Online
109647 Solutions
New Discussion юеВ

Trusted Systems with SSH

 
Account Not Used
Frequent Advisor

тАО04-18-2001 02:11 PM

тАО04-18-2001 02:11 PM

Trusted Systems with SSH

We are currently installing SSH 2.4.0 on a Trusted System. We are having problems do to the /tcb directories where the real passwd file is. We have called there tech. Support and have not received a workable answer as yet. They say they are aware of the problem and remember a customer who got it to work on a Trusted System on HP/UX 11.0. They are currently looking for the answer. I was wondering does anyone out there know how to get around this.
We would prefer to use this supported version of SSH rather than Open SSH even thought Open SSH seems to work. Please can someone help?
"Who moved my cheese?"
0 Kudos
Reply
6 REPLIES 6
Patrick Wallek
Honored Contributor

тАО04-18-2001 03:20 PM

тАО04-18-2001 03:20 PM

Re: Trusted Systems with SSH

One option would be to temporarily unconvert your system so everything is back in the passwd file and then once the installation is done, convert the system back to trusted to recreate the /tcb file.

I believe tsunconvert will unconvert you and tsconvert will put you back into a trusted system. If you unconvert you will probably lose any configuration you have done as far as expiring ID's, passwords, etc. though.
0 Kudos
Reply
Account Not Used
Frequent Advisor

тАО04-19-2001 08:18 AM

тАО04-19-2001 08:18 AM

Re: Trusted Systems with SSH

OK we give it a shot and let you know the outcome. We were told it had to be Trusted first. Thanks "Talk to ya later" .
"Who moved my cheese?"
0 Kudos
Reply
Steven Sim Kok Leong
Honored Contributor

тАО04-19-2001 04:13 PM

тАО04-19-2001 04:13 PM

Re: Trusted Systems with SSH

Hi,

Perhaps you may want to rely on older versions of SSH such as SSH 2.1.0 which has no issues with TCB.

For these older versions to work (I am not sure about SSH 2.4.0), SSH must be compiled only after the OS has been converted to trusted systems. This is because the ./configure script will check whether the system is trusted before creating the appropriate Makefile. If the OS is converted only after SSH has been compiled, SSH will not work with TCB as it has not bee compiled to work with it.

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com
0 Kudos
Reply
Account Not Used
Frequent Advisor

тАО04-20-2001 07:38 AM

тАО04-20-2001 07:38 AM

Re: Trusted Systems with SSH

Steven thanks for all your input. We have trusted the system before we compiled SSH. We will try going back to an older version such as you suggested. Thanks very much fot you input. I will let you know how it turns out.

Thanks MJC
"Who moved my cheese?"
0 Kudos
Reply
Chris Calabrese
Valued Contributor

тАО05-04-2001 06:00 AM

тАО05-04-2001 06:00 AM

Re: Trusted Systems with SSH

Also, none of the versions of *ssh I've used on 11.x with in trusted mode set the utmp/wtmp entries correctly. We're working with SSH Communications on this, but if you're using OpenSSH you could fix it yourself.
Brainbench MVP for Unix Administration and Internet Security, SANS Review Editor, and Center for Internet Security HP-UX Benchmark project leader
0 Kudos
Reply
Account Not Used
Frequent Advisor

тАО05-04-2001 07:22 AM

тАО05-04-2001 07:22 AM

Re: Trusted Systems with SSH

I just want to thank everyone that gave me input to my question on SSH. We are currently ruunning now sucessfully with Open SSH on four Trusted Systems HP?UX 11.0 and one NT server Service Pak 5. Thank you everyone.

MJC
"Who moved my cheese?"
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.