SSH Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

SOCKETRCVBUF ................................................................................................................ 116

SOCKETSNDBUF ................................................................................................................ 116

SOCKTCPMINRXMT .......................................................................................................... 117

SOCKTCPMAXRXMT ........................................................................................................ 117

SOCKTCPRXMTCNT .......................................................................................................... 118

SOCKTCPTOTRXMTVAL .................................................................................................. 118

SSHAUTOKEXBYTES ........................................................................................................ 119

SSHAUTOKEXTIME ........................................................................................................... 119

SSHCTL ................................................................................................................................ 119

SSHCTLAUDIT .................................................................................................................... 120

SSHKEEPALIVETIME ........................................................................................................ 121

STOREDPASSWORDSONLY ............................................................................................. 121

STRICTHOSTKEYCHECKING .......................................................................................... 122

SUBNET ................................................................................................................................ 122

SUPPRESSCOMMENTINSSHVERSION ........................................................................... 123

TCPIPHOSTFILE .................................................................................................................. 123

TCPIPNODEFILE ................................................................................................................. 124

TCPIPRESOLVERNAME .................................................................................................... 125

USETEMPLATESYSTEMUSER ......................................................................................... 125

Enabling Full TTY Access ................................................................................................................... 126

Enabling 6530 Terminal Access .......................................................................................................... 126

Configuring an Alternate Command Interpreter .................................................................... 127

Configuring a Service Menu .................................................................................................. 127

Configuring an STN Service or Window ............................................................................... 127

Forcing TACL Access via Server-side Configuration ........................................................... 128

Using TELSERV as Service Provider ................................................................................... 129

Granting Access without SSH Authentication ..................................................................................... 129

Single Sign-on with GSSAPI Authentication ...................................................................................... 130

Overview ............................................................................................................................... 130

Prerequisites ........................................................................................................................... 130

Configuration of the GSSAPI Interface Process .................................................................... 130

Enabling GSSAPI Authentication for a User Account .......................................................... 131

Authorizing Kerberos Principals for Logon ........................................................................... 131

Restricting Incoming and Outgoing Connections ................................................................................ 132

Rejecting Gateway Ports ........................................................................................................ 132

Restricting External Access to SSH2 Process ........................................................................ 132

Restricting Internal Access to Remote SSH2 Hosts .............................................................. 132

Restricting Local Ports used for Port Forwarding.................................................................. 133

Restricting Remote Hosts/Ports for Port Forwarding ............................................................ 133

Restricting access to forwarding tunnels ............................................................................... 133

Load Balancing .................................................................................................................................... 134

Load-Balancing Outbound SSH Sessions .............................................................................. 134

Load-Balancing Inbound SSH Sessions ................................................................................ 134

Fault Tolerance .................................................................................................................................... 135

Configuring SSH2 as a NonStop Process Pair ....................................................................... 135

Configuring SSH2 as a Generic Process ................................................................................ 135

Choosing a Persistence Mechanism ....................................................................................... 136

Processing of DEFINEs ....................................................................................................................... 136

Setting of PARAMs ............................................................................................................................. 137

Setting of Environment Variables ........................................................................................................ 137

TCP/IPv6 Configuration ...................................................................................................................... 139

IPv6 Address Formats ............................................................................................................ 139

Usage of IPv6 Addresses ....................................................................................................... 139

IP Mode ................................................................................................................................. 140

TCP/IPv6 Considerations ..................................................................................................................... 140

Using Link Local Addresses for Loopback ........................................................................... 140

vi • Contents HP NonStop SSH Reference Manual