Manualshelf

HP-UX Secure Shell Getting Started Guide HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3 (5900-3142, June 2013)

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
71727374757677787980
For example:
PermitOpen host 3:23
In the above scenario, HP-UX Secure Shell permits port forwardings only to the host specified by
the PermitOpen directive.
PermitRootLogin
Use this directive to enable users to log in as superuser using ssh. Following are the supported
arguments:
yes
If this option is set to yes, privileged users are allowed to login.
without-password
If this option is set to without-password, password authentication is disabled for privileged
user.
NOTE: Other authentication methods (for example, keyboard-interactive or PAM) can still
allow privileged user to log in using a password.
forced-commands-only
If this option is set to forced-commands-only, privileged users can log in with public key
authentication, if the command option has been specified (which may be useful for taking
remote backups even if a privileged user login is normally not allowed). All other authentication
methods are disabled for a privileged user.
no
If this option is set to no, privileged users are not allowed to login.
You can use this directive to achieve the following:
Disable all superuser logins.
Enable all superuser logins with any authentication method.
Enable superuser logins with limited authentication methods.
The default setting is yes.
For example:
PermitRootLogin yes
PermitTunnel
Use this directive to specify whether tun device forwarding is allowed. The argument must be yes,
point-to-point (layer 3), ethernet (layer 2), or no. The yes permits both point-to-point
and ethernet.
The default is no.
For example:
PermitTunnel no
PermitUserEnvironment
Use this directive to specify whether $HOME/.ssh/environment and environment=options
in the $HOME/.ssh/authorized_keys file are processed by the sshd daemon to control
environment processing. The $HOME/.ssh/environment file must be writable by the user only;
it need not be readable by anyone else. Environment processing enables users to bypass access
restrictions.
NOTE: This option is automatically disabled when the UseLogin configuration directive is
enabled.
76 Configuration Files and Directives