HP-UX Secure Shell Getting Started Guide HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3 (5900-3142, June 2013)

3. The child sshd process inherits the connection socket and authenticates the client application
based on the selected authentication method. A successful secure client session is established
only upon successful authentication.
4. When a session is created, all subsequent communication occurs directly between the client
application and the child sshd process. The client application can now execute remote
commands on the server. Each command request from the client application causes the child
sshd process to spawn a shell process to execute the command.
NOTE: In HP-UX Secure Shell Versions A.03.81 and earlier, every new client connection caused
the sshd daemon to fork itself. From HP-UX Secure Shell A.03.09 onwards, every new client
connection causes the sshd daemon to re-execute (fork and exec). This default re-execute behavior
is more secure, because it ensures that each client connection uses a new seed for key
generation. You can revert to the previous behavior by using the sshd command with the -r
option. HP does not recommend changing the default behavior.
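The difference between fork-only and re-execute described in the NOTE, as an added example that is not HP-UX Secure Shell or OpenSSH code: a forked child inherits a copy of the parent's memory, including any PRNG state seeded at daemon startup, while a re-executed child runs startup seeding again. The toy xorshift generator, the function names, and modelling exec by calling the seeding routine in the child are assumptions of this illustration.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Toy PRNG state for this added demo (not HP-UX Secure Shell code); fork() copies it. */
static uint64_t prng_state;

/* Startup seeding: runs once in every freshly exec'd process image. */
static void seed_from_os(void) {
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0 || read(fd, &prng_state, sizeof prng_state) != (ssize_t)sizeof prng_state)
        prng_state = (uint64_t)getpid();  /* weak fallback so the demo still runs */
    if (fd >= 0) close(fd);
    prng_state |= 1;  /* xorshift needs a non-zero state */
}

/* One xorshift64 step (toy generator, not cryptographic). */
static uint64_t next_value(void) {
    prng_state ^= prng_state << 13;
    prng_state ^= prng_state >> 7;
    prng_state ^= prng_state << 17;
    return prng_state;
}

/* Fork one connection handler; return its first PRNG output, sent back over a
   pipe. reexec != 0 models fork+exec by re-running startup seeding (assumed). */
uint64_t child_first_output(int reexec) {
    int p[2];
    uint64_t v = 0;
    if (pipe(p) != 0) return 0;
    pid_t pid = fork();
    if (pid == 0) {
        if (reexec) seed_from_os();
        v = next_value();
        _exit(write(p[1], &v, sizeof v) == (ssize_t)sizeof v ? 0 : 1);
    }
    close(p[1]);
    if (pid < 0 || read(p[0], &v, sizeof v) != (ssize_t)sizeof v) v = 0;
    close(p[0]);
    if (pid > 0) waitpid(pid, NULL, 0);
    return v;
}

int main(void) {
    seed_from_os();  /* the parent daemon seeds once at startup */
    printf("fork only, same output: %d\n", child_first_output(0) == child_first_output(0));
    printf("re-seeded, same output: %d\n", child_first_output(1) == child_first_output(1));
    return 0;
}
```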
A running HP-UX Secure Shell client-server session consists of the following processes:
• A single client process running on the client system.
• The following processes running on the server system:
  - One parent sshd process and many child sshd processes.
  - A shell process for each command execution request from the client. This shell process is
    spawned to execute the command, and terminates when the command successfully
    completes execution. All communication between the child sshd process and the shell
    process is carried out through a UNIX pipe.
Protocol Support
HP-UX Secure Shell supports the SSH-1 and SSH-2 protocols. Table 3 compares the features of the
SSH-1 and SSH-2 protocols.
Table 3 Comparative Analysis of SSH-1 and SSH-2 Protocols
| SSH-1 | SSH-2 |
|---|---|
| Original version of Secure Shell protocol. | Enhanced SSH protocol. Offers better security, portability, and performance. |
| Uses server keys and host keys to authenticate systems. | Uses only host keys to authenticate systems. |
| Uses only one session key. | Uses several session keys. |
| Supports the RSA algorithm only. | Supports RSA, DSA, and ECDSA algorithms. |
| Does not support SOCKS (SOCKetS) and secure FTP (sftp). | Supports both SOCKS and sftp. |
HP-UX Secure Shell Commands
HP-UX Secure Shell includes a set of commands used to securely access remote systems. For more
information, see the manpages for each command.
Table 4 lists the commands that enable you to securely access remote systems.
Table 4 HP-UX Secure Shell Commands
| Command | Description | Runs On | Equivalent Non-Secure Components |
|---|---|---|---|
| ssh | Secure Shell client | Client | remsh, telnet |
| slogin | Symbolic link to ssh | Client | remsh, telnet |