Manualshelf

HP-UX Secure Shell Getting Started Guide HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3 (5900-3142, June 2013)

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
41424344454647484950
NOTE: HP-UX Secure Shell uses the /etc/hosts.equiv file if the directives
RhostsRSAAuthentication and HostbasedAuthentication are configured in the
HP-UX Secure Shell configuration files. This file is used for host-based authentication with
remotely executed commands (r-commands). The /opt/ssh/etc/shosts.equiv file is
preferred over the /etc/hosts.equiv file, because the /opt/ssh/etc/shosts.equiv
file is used by HP-UX Secure Shell only.
5. To add the public host key of the client to the /opt/ssh/etc/ssh_known_hosts file,
which is the known hosts file of the server, run one of the following commands from the client
system as a superuser for SSH-2:
# cat /opt/ssh/etc/ssh_host_dsa_key.pub | ssh
root@RemoteMachine cat >> /opt/ssh/etc/ssh_known_hosts
Or
# cat /opt/ssh/etc/ssh_host_rsa_key.pub | ssh
root@RemoteMachine cat >> /opt/ssh/etc/ssh_known_hosts
Or
# cat /opt/ssh/etc/ssh_host_ecdsa_key.pub | ssh
root@RemoteMachine cat >> /opt/ssh/etc/ssh_known_hosts
For SSH-1:
# cat /opt/ssh/etc/ssh_host_key.pub | ssh root@RemoteMachine
cat >> /opt/ssh/etc/ssh_known_hosts
You can view the /opt/ssh/etc/ssh_known_hosts file on the server and verify that the
public host key of the client is added to this file.
6. In the server system, add the fully qualified host name of the client at the beginning of the key
in the /opt/ssh/etc/ssh_known_hosts file, as shown in the following example:
client.abc.com ssh-dss ssh-dss AAAAB3NzaC1kc3MAAACBAKCJJv/D2
Jo3Qejlhp2Z3OAvWjcQRa0c4e3gwEvYjXGECe/upvromDyNA4ou5n5rkPKBD
e37l3U+PYkKQ3KYQyb7b2+kZ3EkzHOGB0X57hrX0e3kAeHJhSpwdY6KpGQO7
CmVwHbn3R0NFY9c0sPw1rSADY6BsJ4IJXdi5dgakIGLAAAAFQDjKdniF5llT
NwSJZzdjqBDSJvaHwAAAIEAlbtE9eMzjVPSfo/peqerKm2qY/gfBL80kQKcA
wc81kzxdHO8Qisn823KtAlYfQOHCt/UVV6VIvNwD5fbLmhrzFCM39+YLPJre
09CQ41Nxuu+ttqGCIPVggzjp/AwOeuedmkqKyQ7PuErGHTb0UYsXqzv9Nj7s
h+UfRMdIjiVdKQAAACACQE0NxmxqTdFyDZaGnqLmzLcgMqMjr0UlzDGaPGyg
ds2LZ1uotvI4wBGIGteZxvlNiwxMXMvKc5Ej55oiefXCRLqHOp4JWo8sVQdh
VKxa1gpCVNYuGCmN5DGVDhT0bYV3GBs2/PAh1ky2hCCLd6sMAIhVLwIcqtOQ
bK6Hobu2qI= root@client
In this example, client.abc.com is the fully qualified host name of the client that is appended
to the key in the /opt/ssh/etc/ssh_known_hosts file.
7. To connect to the remote server, run the following command from the client system:
# ssh <server_name>
Where:
<server_name> specifies the name of the remote system to which you want to connect.
The HP-UX Secure Shell client connects to the HP-UX Secure Shell server.
Using User-Specific Configuration
To configure host-based authentication for non-superusers using user-specific configuration, follow
the steps specified in “Using Systemwide Configuration (page 40). However, the host configuration
files that you need to update are user-specific files, not the systemwide files.
Table 14 describes the systemwide configuration files and the corresponding user-specific
configuration files.
Configuring Host-Based Authentication 41