HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Systems Insight Manager
- >
- F-Secure Open SSH
Server Management - Systems Insight Manager
1830044
Members
3090
Online
109998
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-07-2005 07:21 AM
04-07-2005 07:21 AM
F-Secure Open SSH
All of our servers are running FSecure SSH for security reasons and not OpenSSH. I am getting the dreaded " EXCEPTION CLASS: com.hp.mx.exceptions.MxFailedAuthenticationException " error messages.
What changes should I be making in order to get this working?
Thanks
John
What changes should I be making in order to get this working?
Thanks
John
1 REPLY 1
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-07-2005 09:06 AM
04-07-2005 09:06 AM
Re: F-Secure Open SSH
SIM like his own OpenSSH... :(
Problem is also with Cygwin
http://www.hp.com/wwsolutions/misc/hpsim-helpfiles/hpsim-ssh-wp.pdf
"Windows SSH server
While HP-UX and most Linux distributions usually ship with OpenSSH already installed, the same is not true of Windows-based operating systems. HP Systems Insight Manager provides a version of OpenSSH to be used with the DTF on Windows systems. This is installed along with the rest of the CMS software when installing the CMS. For managed systems, it can be installed from the management CD or downloaded from HPâ  s website.
The version provided by HP Systems Insight Manager was repackaged to work seamlessly with the install process. It was also modified to provide greater security than other widely-available distributions. Since OpenSSH is part of OpenBSD, it was originally implemented for UNIX-like operating systems. In order to easily port it to Windows, an emulation layer called Cygwin is used.
Cygwin provides a UNIX emulation layer so that UNIX software can be easily ported to Windows. It also has some well-known security problemsâ  it creates world-readable data structures to emulate UNIX processes. In order to make OpenSSH more secure, the version distributed with HP Systems Insight Manager contains a modified Cygwin compatibility layer that restricts access to these data structures to members of the Administratorâ  s group. Because of this, when HP Systems Insight Managerâ  s version of OpenSSH is used, only Windows Administrators can log into the Windows system via SSH." and:
"Coexistence problems with other Cygwin installations
Only one Cygwin-based program can be installed on a system at any given time.
In order for Cygwin to function, there are certain registry settings that have to existâ  namely, the mount points defined above. The installer checks for the Cygwin registry keys and refuses to install if they exist. The installation also fails if the full Cygwin distribution, or any other software that uses Cygwin (for example, the Python distribution in WinCVS), is installed. This is an unfortunate consequence of multiple Cygwin installations not being able to coexist.
There are other products that use Cygwin out there, and HP Systems Insight Managerâ  s OpenSSH distribution is not compatible with them. This includes other freely available OpenSSH distributions. If you are already using another version of OpenSSH and do not want to install the HP Systems Insight Manager version, that is fine. Keep in mind, however, that the HP Systems Insight Manager version is the only version that restricts access to the Cygwin data structures.
If the user has already installed the generic distribution of OpenSSH for Windows and sets up the keys to work with the CMS, the security hole that existed before HP Systems Insight Manager was used will still exist. It will not affect any other managed systems or the CMS. The potential exists for a non-administrator user on the managed node to interfere with any DTF tasks run on that node. However, this same problem existed on this system before HP Systems Insight Manager was in use.
If you are having trouble getting the HP Systems Insight Manager OpenSSH package to install, search your system for the Cygwin registry keys, as well as the file cygwin1.dll. The location of the file might give you some idea of what software is installed that is conflic
Problem is also with Cygwin
http://www.hp.com/wwsolutions/misc/hpsim-helpfiles/hpsim-ssh-wp.pdf
"Windows SSH server
While HP-UX and most Linux distributions usually ship with OpenSSH already installed, the same is not true of Windows-based operating systems. HP Systems Insight Manager provides a version of OpenSSH to be used with the DTF on Windows systems. This is installed along with the rest of the CMS software when installing the CMS. For managed systems, it can be installed from the management CD or downloaded from HPâ  s website.
The version provided by HP Systems Insight Manager was repackaged to work seamlessly with the install process. It was also modified to provide greater security than other widely-available distributions. Since OpenSSH is part of OpenBSD, it was originally implemented for UNIX-like operating systems. In order to easily port it to Windows, an emulation layer called Cygwin is used.
Cygwin provides a UNIX emulation layer so that UNIX software can be easily ported to Windows. It also has some well-known security problemsâ  it creates world-readable data structures to emulate UNIX processes. In order to make OpenSSH more secure, the version distributed with HP Systems Insight Manager contains a modified Cygwin compatibility layer that restricts access to these data structures to members of the Administratorâ  s group. Because of this, when HP Systems Insight Managerâ  s version of OpenSSH is used, only Windows Administrators can log into the Windows system via SSH." and:
"Coexistence problems with other Cygwin installations
Only one Cygwin-based program can be installed on a system at any given time.
In order for Cygwin to function, there are certain registry settings that have to existâ  namely, the mount points defined above. The installer checks for the Cygwin registry keys and refuses to install if they exist. The installation also fails if the full Cygwin distribution, or any other software that uses Cygwin (for example, the Python distribution in WinCVS), is installed. This is an unfortunate consequence of multiple Cygwin installations not being able to coexist.
There are other products that use Cygwin out there, and HP Systems Insight Managerâ  s OpenSSH distribution is not compatible with them. This includes other freely available OpenSSH distributions. If you are already using another version of OpenSSH and do not want to install the HP Systems Insight Manager version, that is fine. Keep in mind, however, that the HP Systems Insight Manager version is the only version that restricts access to the Cygwin data structures.
If the user has already installed the generic distribution of OpenSSH for Windows and sets up the keys to work with the CMS, the security hole that existed before HP Systems Insight Manager was used will still exist. It will not affect any other managed systems or the CMS. The potential exists for a non-administrator user on the managed node to interfere with any DTF tasks run on that node. However, this same problem existed on this system before HP Systems Insight Manager was in use.
If you are having trouble getting the HP Systems Insight Manager OpenSSH package to install, search your system for the Cygwin registry keys, as well as the file cygwin1.dll. The location of the file might give you some idea of what software is installed that is conflic
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP