SSH Reference Manual
• Please see the section on the SSHCTL parameter for more information on the interaction of the license file with
the SSH2 database.
Default
If omitted, an SSH2 process will search for a file named "LICENSE" on the subvolume where the SSH2 object resides.
LIFECYCLEPOLICYPRIVATEUSERKEY
This parameter controls the life-cycle of user-generated private keys. If enabled, a ‘not valid before date’ and a ‘not valid
after date’ can be defined for each individual key. The dates can be set explicitly via the entity KEY
attributes LIVE-DATE and EXPIRE-DATE, or implicitly via the globally defined length of the key pending period after
key generation and the length of the period a key is in ‘LIVE’ state. Only a key in ‘LIVE’ state can be used for publickey
authentication of the user owning the private key.
Parameter Syntax
LIFECYCLEPOLICYPRIVATEUSERKEY DISABLED|FIXED|VARIABLE
Arguments
DISABLED
Life-cycle control for user-generated private keys will not be enabled. When a key is generated, it is immediately
in state ‘LIVE’ and it will never expire.
FIXED
Users without full SSHCOM access cannot set or alter KEY attributes LIVE-DATE and EXPIRE-DATE. Both
dates will be determined by the CREATION-DATE and the values of parameters
INTERVALPENDINGPRIVATEUSERKEY and INTERVALLIVEPRIVATEUSERKEY.
VARIABLE
A user can specify the LIVE-DATE and EXPIRE-DATE when generating or importing a private key or when
altering the private key. If these attributes are not specified in a GENERATE KEY or IMPORT KEY command,
the values for LIVE-DATE and EXPIRE-DATE will be set automatically depending on the CREATION-DATE
and the values of parameters INTERVALPENDINGPRIVATEUSERKEY and INTERVALLIVEPRIVATEUSERKEY.
Default
The default for this parameter is DISABLED, resulting in the same behavior as before the introduction of this parameter.
Example
LIFECYCLEPOLICYPRIVATEUSERKEY FIXED
Considerations
• Users with full SSHCOM access can set or modify KEY attributes LIVE-DATE and EXPIRE-DATE even
when the life-cycle policy for user private keys is set to FIXED.
See also
INTERVALLIVEPRIVATEUSERKEY, INTERVALPENDINGPRIVATEUSERKEY
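The following Python sketch models how the three policy values decide a private key's LIVE-DATE, EXPIRE-DATE and resulting state. It is an added example for reviewing key inventories, not code from the product or the manual. Assumptions: the two interval parameters are treated as days, the state labels PENDING and EXPIRED and all function and parameter names are hypothetical, and a rejected date change is modelled as an exception.

```python
from datetime import datetime, timedelta
from typing import Optional, Tuple

Dates = Tuple[Optional[datetime], Optional[datetime]]


def effective_dates(policy: str, creation: datetime,
                    pending_days: int, live_days: int,
                    live: Optional[datetime] = None,
                    expire: Optional[datetime] = None,
                    full_sshcom_access: bool = False) -> Dates:
    """Return (LIVE-DATE, EXPIRE-DATE); None means 'no restriction'.

    pending_days / live_days stand in for INTERVALPENDINGPRIVATEUSERKEY and
    INTERVALLIVEPRIVATEUSERKEY (unit of days is an assumption of this sketch).
    """
    if policy == "DISABLED":
        return None, None  # key is LIVE at once and never expires
    if policy not in ("FIXED", "VARIABLE"):
        raise ValueError(f"unknown policy {policy!r}")
    explicit = live is not None or expire is not None
    if policy == "FIXED" and explicit and not full_sshcom_access:
        # Only users with full SSHCOM access may set the dates under FIXED.
        # Raising here is a modelling choice, not documented product behaviour.
        raise PermissionError("LIVE-DATE/EXPIRE-DATE are fixed by policy")
    if live is None:
        live = creation + timedelta(days=pending_days)
    if expire is None:
        # Assumption: an unset EXPIRE-DATE counts from the effective LIVE-DATE.
        expire = live + timedelta(days=live_days)
    if expire <= live:
        # Sanity check added in this sketch.
        raise ValueError("EXPIRE-DATE must be later than LIVE-DATE")
    return live, expire


def key_state(live: Optional[datetime], expire: Optional[datetime],
              now: datetime) -> str:
    """Only a key in LIVE state may be used for publickey authentication."""
    if live is not None and now < live:
        return "PENDING"
    if expire is not None and now >= expire:
        return "EXPIRED"
    return "LIVE"
```

Running `key_state` over an exported key list with the current time shows which keys are not yet usable and which have aged out under the configured policy.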
LIFECYCLEPOLICYPUBLICUSERKEY
This parameter controls the life-cycle of user public keys. If enabled, a ‘not valid before date’ and a ‘not valid after date’
can be defined for each individual key. This can be achieved by setting the dates explicitly via entity USER
PUBLICKEY attributes LIVE-DATE and EXPIRE-DATE or implicitly via globally defined length of the key pending
HP NonStop SSH Reference Manual Configuring and Running SSH2 • 89