Hp Ux Data Security Software Getting Started Guide Secure Shell

2015-01-05

• HP-UX Secure Shell Getting Started Guide
• Contents
• About This Document
  • Intended Audience
  • New and Changed Information in This Edition
  • Publishing History
  • HP-UX Release Name and Release Identifier
  • Document Organization
  • Typographic Conventions
  • Related Documents
  • HP Encourages Your Comments
• 1 Introduction
  • Overview
  • Key Features
  • Architecture
  • How Secure Shell Establishes a Secure Connection
  • Protocol Support
  • HP-UX Secure Shell Commands
  • Keys and Configuration Files
• 2 Installing HP-UX Secure Shell
  • Prerequisites
    • System Requirements
    • Patch Requirement
  • Installation and Verification
    • Installing HP-UX Secure Shell from the Media
    • Installing HP-UX Secure Shell from the Web
    • Verifying HP-UX Secure Shell Installation
• 3 HP-UX Secure Shell Authentication Methods
  • Overview
  • Password Authentication
    • Using the /etc/passwd File
    • Using the /etc/pam.conf File
  • Public-Key Authentication
  • Kerberos Authentication
    • How Kerberos Works with HP-UX Secure Shell
    • Kerberos Authentication Methods
      • Password Authentication Using Kerberos
      • GSS-API Authentication Using Kerberos
  • Keyboard-Interactive Authentication
  • Host-Based Authentication
• 4 Configuring HP-UX Secure Shell Authentication Methods
  • Overview
  • Configuring Password Authentication
    • Configuring Password Authentication Using the/etc/​passwd File
    • Configuring Password Authentication Using the /etc/​pam.conf File
  • Configuring Public-Key Authentication
  • Configuring Kerberos Authentication
    • Configuring Password Authentication Using PAM Kerberos
    • Configuring GSS-API Authentication
  • Configuring Keyboard-Interactive Authentication
  • Configuring Host-Based Authentication
    • Configuring Host-Based Authentication for Non-Superusers
      • Using Systemwide Configuration
      • Using User-Specific Configuration
    • Configuring Host-Based Authentication for Superusers
  • Configuring User-Specific Authentication
    • The Auth Selection Patch
      • Steps by which the sshd daemon uses the Configuration Directives in the Auth Selection Patch
    • The EnforceSecureTTY Configuration Directive
      • Behavior of EnforceSecureTTY with the UseLogin Configuration Directive
      • Behavioral differences between telnet and ssh logins because of EnforceSecureTTY
      • Behavioral differences between remsh and ssh logins because of EnforceSecureTTY
• 5 Configuring HP-UX Secure Shell as a SOCKS Proxy
  • SOCKS Overview
  • Implementations of SOCKS
    • DanteSOCKS
      • Prerequisites
      • Usage Examples
    • Dynamic Port Forwarding
      • Dynamic Port Forwarding Process
      • Prerequisites
      • Usage Examples
• 6 Enabling HP-UX Secure Shell to Take Advantage of High Speed Networks
  • Changes in the ssh Command due to the HPN Patch
• 7 Troubleshooting HP-UX Secure Shell
  • Overview
  • Debugging the HP-UX Secure Shell Server
    • Debugging Options
    • Running sshd in Debug Mode
  • Debugging the HP-UX Secure Shell Client
    • Debugging Option
    • Running ssh in Debug Mode
  • Interpreting the Debug Output
  • Generating Debug Messages Using the LogLevel Configuration Directive
    • The LogLevel Configuration Directive
  • Logging Error and Debug Messages
  • Authentication Problems
    • Public-Key Authentication Problems
    • Host-Based Authentication Problems
  • Reporting Problems
• A Configuration Files and Directives
  • HP-UX Secure Shell Configuration Files
  • Server Configuration Directives
    • AcceptEnv
    • AddressFamily
    • AllowAgentForwarding
    • AllowGroups
    • AllowUsers
    • AllowTCPForwarding
    • AuthorizedKeysFile
    • AuthorizedPrincipalsFile
    • Banner
    • ChallengeResponseAuthentication
    • ChallRespAuthAllowUsers
    • ChallRespAuthDenyUsers
    • ChrootDirectory
    • Ciphers
    • ClientAliveCountMax
    • ClientAliveInterval
    • Compression
    • CountKeyAuthBadLogins
    • DenyGroups
    • DenyUsers
    • DisIStrip
    • DoubleMaxDisps
    • EnforceSecureTTY
    • ForceCommand
    • GatewayPorts
    • GSSAPIAuthentication
    • GSSAPICleanupCredentials
    • GSSAPIEnableMitmAttack
    • HostbasedAuthAllowUsers
    • HostbasedAuthDenyUsers
    • HostbasedAuthentication
    • HostKey
    • IgnoreRhosts
    • IgnoreUserKnownHosts
    • IPQoS
    • KerberosAuthAllowUsers
    • KerberosAuthDenyUsers
    • KerberosAuthentication
    • KerberosOrLocalPasswd
    • KerberosTicketCleanup
    • KexAlgorithms
    • KeyRegenerationInterval
    • ListenAddress
    • LoginGraceTime
    • LogLevel
    • MACs
    • Match
    • MaxAuthTries
    • MaxSessions
    • MaxStartups
    • PasswordAuthAllowUsers
    • PasswordAuthDenyUsers
    • PasswordAuthentication
    • PermitEmptyPasswords
    • PermitOpen
    • PermitRootLogin
    • PermitTunnel
    • PermitUserEnvironment
    • PidFile
    • Port
    • PrintLastLog
    • PrintMotd
    • Protocol
    • PubkeyAuthAllowUsers
    • PubkeyAuthDenyUsers
    • PubkeyAuthentication
    • RhostsRSAAuthentication
    • RSAAuthentication
    • ServerKeyBits
    • StrictModes
    • Subsystem
    • SyslogFacility
    • TCPKeepAlive
    • TrustedUserCAKeys
    • UseDNS
    • UseLogin
    • UsePAM
    • UsePrivilegeSeparation
    • X11DisplayOffset
    • X11Forwarding
    • X11UseLocalhost
    • XAuthLocation
    • Sample HP-UX Secure Shell Server Configuration File
  • Client Configuration Directives
    • Host
    • AddressFamily
    • BatchMode
    • BindAddress
    • ChallengeResponseAuthentication
    • CheckHostIP
    • Cipher
    • Ciphers
    • ClearAllForwardings
    • Compression
    • CompressionLevel
    • ConnectionAttempts
    • ConnectTimeout
    • ControlMaster
    • ControlPath
    • DynamicForward
    • EnableSSHkeysign
    • EscapeChar
    • ExitOnForwardFailure
    • ForwardAgent
    • ForwardX11
    • ForwardX11Trusted
    • GatewayPorts
    • GlobalKnownHostsFile
    • GSSAPIAuthentication
    • GSSAPIDelegateCredentials
    • HashKnownHosts
    • HostbasedAuthentication
    • HostKeyAlgorithms
    • HostKeyAlias
    • HostName
    • IdentityFile
    • IdentitiesOnly
    • IPQoS
    • KbdInteractiveAuthentication
    • KbdInteractiveDevices
    • KexAlgorithms
    • LocalCommand
    • LocalForward
    • LogLevel
    • MACs
    • NoHostAuthenticationForLocalhost
    • NumberOfPasswordPrompts
    • PasswordAuthentication
    • PermitLocalCommand
    • Port
    • PreferredAuthentication
    • Protocol
    • ProxyCommand
    • PubkeyAuthentication
    • RekeyLimit
    • RemoteForward
    • RequestTTY
    • RhostsRSAAuthentication
    • RSAAuthentication
    • SendEnv
    • ServerAliveInterval
    • ServerAliveCountMax
    • StrictHostKeyChecking
    • TCPKeepAlive
    • UserPrivilegedPort
    • User
    • UserKnownHostsFile
    • VerifyHostKeyDNS
    • VisualHostKey
    • XAuthLocation
    • Sample HP-UX Secure Shell Client Configuration File
• B Sample /etc/krb5.conf File
  • The /etc/krb5.conf Configuration File