HP-UX Secure Shell Getting Started Guide HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3 (5900-3142, June 2013)

Key: A relatively small amount of data used as a parameter for cryptographic algorithms, such as encryption or message authentication.
User Key: An asymmetric key used by the client to provide a user identity.
Host Key: An asymmetric key used by the server to provide a server identity.
Session Key: A symmetric key that encrypts the communication between the client and server.
Key Generator: A program that creates persistent keys, such as user keys and host keys.
Agent: A program that caches user keys in memory so that users need not retype their passphrases.
Figure 1 shows how the major HP-UX Secure Shell components interact with one another.
Figure 1 HP-UX Secure Shell Components
[Figure labels: Secure Shell Client, OS TCP Stack, Establish a Secure Tunnel, Authenticate the Server, Authenticate the Client, Encrypted Session, Arbitrary TCP Port Forwarding, Secure Shell Server, OS TCP Stack]
How Secure Shell Establishes a Secure Connection
The client and server must establish a secure connection before any interaction can take place.
The secure connection enables you to share keys, passwords, and data. Establishing a secure
connection between a client and the server includes the following steps:
1. The client contacts the server.
2. The client and server disclose the HP-UX Secure Shell protocol versions they support.
3. The client and server switch to a packet-based protocol.
4. The server identifies itself to the client and provides session parameters.
5. The client sends a session key to the server.
6. Both client and server enable encryption and complete server authentication.
7. The secure connection is established.
Before running the client, you must start the server daemon (sshd). The sshd daemon takes its
initial configuration values from the sshd_config file, located in the /opt/ssh/etc directory
on the server. The most important configuration directives in the sshd_config file are those that
are used to set the authentication methods that sshd supports.
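
The authentication directives can be reviewed mechanically. The following Python code is an added example, not part of the HP guide: it reads sshd_config text under OpenSSH parsing rules (case-insensitive keywords, the first occurrence of a keyword wins, the global section ends at the first Match block) and reports authentication directives that are unset or differ from a baseline. The baseline values, the function names and the sample file contents are assumptions made for this example.

```python
import re

# Assumed hardening baseline for this example (not taken from the guide).
# The keywords are standard OpenSSH sshd_config authentication directives.
BASELINE = {
    "passwordauthentication": "no",
    "pubkeyauthentication": "yes",
    "hostbasedauthentication": "no",
    "permitemptypasswords": "no",
    "permitrootlogin": "no",
}

def effective_settings(text):
    """Global {keyword: value} map as sshd reads it: keywords are
    case-insensitive and the first occurrence of a keyword wins."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)  # whitespace or '=' separator
        keyword = parts[0].lower()
        if keyword == "match":  # global section ends at the first Match block
            break
        value = parts[1].strip() if len(parts) > 1 else ""
        settings.setdefault(keyword, value)  # later duplicates are ignored
    return settings

def audit(text, baseline=BASELINE):
    """Return (keyword, found, wanted) for each baseline directive that is
    unset (found is None, the build's default applies) or set differently."""
    current = effective_settings(text)
    return [(k, current.get(k), want) for k, want in baseline.items()
            if current.get(k) != want]

# Constructed sample file contents, not a real HP-UX configuration.
SAMPLE = """\
# sample sshd_config
PasswordAuthentication yes
PubkeyAuthentication yes
passwordauthentication no
PermitRootLogin=no
Match User backup
    HostbasedAuthentication no
"""

if __name__ == "__main__":
    for keyword, found, wanted in audit(SAMPLE):
        print(f"{keyword}: found {found!r}, baseline {wanted!r}")
```

In the sample, the second passwordauthentication line has no effect because the first value is the one sshd uses, and the HostbasedAuthentication line inside the Match block does not set the global value.
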
When you run the HP-UX Secure Shell client application, the following events occur:
1. The client application establishes a socket connection with the HP-UX Secure Shell server.
2. The server spawns a child sshd process.