Sign In
Upload
Manuals
Brands
HP Manuals
Software
NonStop SSH 544701-014
HP NonStop SSH 544701-014 Manuals
Manuals and User Guides for HP NonStop SSH 544701-014. We have
1
HP NonStop SSH 544701-014 manual available for free PDF download: Reference Manual
Hp NonStop SSH 544701-014 Reference Manual (344 pages)
Brand:
Hp
| Category:
Software
| Size: 1.65 MB
Table of Contents
Table of Contents
3
Preface
13
Who Should Read this Guide
13
Related Reading
13
Document History
15
Introduction
25
The SSH2 Solution
25
Fully Compliant with the SSH Protocol Specification
25
Strong Authentication and Multiple Cipher Suites
25
Support of Full Screen Terminal Access
25
Built-In User Base
25
Central Key Store
26
Secure SFTP Transfer
26
TCP and FTP Port Forwarding
26
Single Sign-On
26
Tcp/Ipv6
26
The SSH Protocol
26
Components of the SSH2 Software Package
27
Architecture Overview
28
SSH2 Running as SSH Daemon (Server)
28
SSH2 Running as SSH Client
29
Installation & Quick Start
31
System Requirements
31
Acquiring the Product Archives
31
Installation on the Nonstop Server
32
Installing the SSH Components on the Nonstop System
32
Unlocking the Product with a License File
33
SSH2 License and Version Information
34
Updating to a New Version of the SSH2 File Set
34
Download of the Object File Set
34
Installation of the New Version
34
Where Configuration Data Is Stored
35
Migration Considerations
35
Installation of SFTPAPI
35
Quick Start and Guided Tour
35
Quick-Starting the SSH2 System
36
Secure Shell Access to the Nonstop Server
38
Secure Shell Access from Nonstop to Remote Systems
39
Encrypted File Transfer
41
Using Public Keys to Authenticate Remote Users
43
Using Public Keys to Logon to Remote Systems
44
Configuring and Running SSH2
47
Configuration Overview
47
The Configuration File
48
PARAM Commands
48
Startup Line Parameters
49
Starting SSH2
49
SSH2 Parameter Reference
50
Parameter Overview
50
Allowedauthentications
53
Allowedsubsystems
53
Allowfrozensystemuser
54
Allowinfossh2
55
Allowpasswordstore
55
Allowtcpforwarding
56
Auditconsole
56
Auditems
57
Auditfile
58
Auditfileretention
58
Auditformat
59
Auditformatconsole
59
Auditformatems
60
Auditformatfile
60
Auditmaxfilelength
61
Autoaddsystemusers
61
Autoaddsystemuserslike
62
Backupcpu
63
Banner
63
Ciphers
64
Clientallowedauthentications
65
Compression
65
Config
66
Config2
66
Cpuset
66
Customer
67
Disconnectifuserunknown
68
Enablestatisticsatstartup
68
Fullsshcomaccessgroup<J
69
Fullsshcomaccessuser<I
69
Gssauth
70
Gssgexkex
71
Gsskex
71
Guardianattributeseparator
72
Hostkey
72
Interface
73
Interfaceout
74
Intervalliveprivateuserkey
74
Intervalliveppublicuserkey
75
Intervalpendingprivateuserkey
76
Intervalpendingpublicuserkey
76
Ipmode
77
License
78
Lifecyclepolicyprivateuserkey
78
Lifecyclepolicypublicuserkey
79
Logcachedumponabort
80
Logcachesize
80
Logconsole
81
Logems
81
Logemskeepcollectoropened
82
Logfile
82
Logfileretention
83
Logformat
83
Logformatconsole
84
Logformatems
85
Logformatfile
86
Loglevel
86
Loglevelcache
87
Loglevelconsole
87
Loglevelems
88
Loglevelfile
88
Logmaxfilelength
89
Logmemory
89
Macs
90
Partialsshcomaccessgroup<N
90
Partialsshcomaccessuser<K
91
Port
92
Ptcpipfilterkey
92
Ptcpipfiltertcpports
93
Ptyserver
93
Recorddelimiter
94
Restrictioncheckfaileddefault
94
Safeguard-Password-Required
95
Sftpallowguardiancd
95
Sftpcpuset
96
Sftpdisplayguardian
96
Sftpeditlinemode
97
Sftpeditlinenumberdecimalincr
97
Sftpeditlinestartdecimalincr
98
Sftpexclusionmoderead
99
Sftpidletimeout
100
Sftpmaxextents
100
Sftpprimaryextentsize
100
Sftpsecondaryextentsize
101
Sftpupshiftguardianfilenames
101
Socketkeepalive
102
Socketrcvbuf
102
Socketsndbuf
103
Socktcpminrxmt
103
Socktcpmaxrxmt
103
Socktcprxmtcnt
104
Socktcptotrxmtval
104
Sshautokexbytes
105
Sshautokextime
105
Sshctl
106
Sshctlaudit
107
Sshkeepalivetime
107
Storedpasswordsonly
107
Stricthostkeychecking
108
Subnet
108
Suppresscommentinsshversion
109
Tcpiphostfile
109
Tcpipnodefile
110
Tcpipresolvername
110
Usetemplatesystemuser
111
Enabling Full TTY Access
112
Enabling 6530 Terminal Access
112
Configuring an Alternate Command Interpreter
112
Configuring a Service Menu
113
Configuring an STN Service or Window
113
Forcing TACL Access Via Server-Side Configuration
114
Using TELSERV as Service Provider
114
Granting Access Without SSH Authentication
115
Configuration of the GSSAPI Interface Process
116
Enabling GSSAPI Authentication for a User Account
116
Overview
116
Prerequisites
116
Single Sign-On with GSSAPI Authentication
116
Authorizing Kerberos Principals for Logon
117
Restricting Incoming and Outgoing Connections
118
Rejecting Gateway Ports
118
Restricting External Access to SSH2 Process
118
Restricting Internal Access to Remote SSH2 Hosts
118
Restricting Local Ports Used for Port Forwarding
119
Restricting Remote Hosts/Ports for Port Forwarding
119
Restricting Access to Forwarding Tunnels
119
Load Balancing
119
Load-Balancing Outbound SSH Sessions
119
Load-Balancing Inbound SSH Sessions
120
Fault Tolerance
120
Configuring SSH2 as a Nonstop Process Pair
120
Configuring SSH2 as a Generic Process
121
Choosing a Persistence Mechanism
121
Processing of Defines
122
Setting of Environment Variables
122
Ipv6 Address Formats
123
Tcp/Ipv6 Configuration
123
Usage of Ipv6 Addresses
124
Tcp/Ipv6 Migration and Backout
125
Start Using Tcp/Ipv6
125
Reverting Back to Pre-Ipv6 SSH2 Release
125
The SSH User Database
127
Overview of SSH Operation Modes
127
Database for Daemon Mode
128
Database for Client Mode
130
Creating and Accessing the Database
131
Exporting the Database
131
SSHCOM Overview
133
SSHCOM Command Reference
133
Standard Nonstop Commands and Features
134
Startup Values for the MODE and ASSUME USER Commands
135
Security Within SSHCOM
135
Ownership and Management of Client Mode Entities
137
Miscellaneous Commands in SSHCOM
139
Mode
139
Info Ssh2
140
Clear Logcache
142
Flush Logcache
142
Info Define
142
PROMPT "<Text
143
Resolve Host-Name
143
Rollover Auditfile
143
Rollover Logfile
144
Export Sshctl
144
Info Host-Key
145
Export Host-Key
145
Add User
146
Daemon Mode Commands - Overview
146
Daemon Mode Commands Operating on the USER Entity
146
Alter User
153
Delete User
159
Freeze User
160
Info User
160
Rename User
162
Thaw User
162
Add Restriction-Profile
162
Daemon Mode Commands Operating on the RESTRICTION-PROFILE Entity
162
Alter Restricton-Profile
164
Delete Restriction-Profile
166
Info Restriction-Profile
166
Rename Restriction-Profile
166
Client Mode Commands - Overview
167
Assume User
168
Info System-User
168
Alter Key
169
Client Mode Commands Operating on the KEY Entity
169
Delete Key
170
Export Key
170
Freeze Key
171
Generate Key
171
Import Key
172
Info Key
173
Rename Key
175
Thaw Key
176
Add Password
176
Client Mode Commands Operating on the PASSWORD Entity
176
Alter Password
177
Delete Password
177
Freeze Password
178
Info Password
178
Rename Password
179
Thaw Password
180
Add Knownhost
180
Client Mode Commands Operating on the KNOWNHOST Entity
180
Alter Knownhost
181
Delete Knownhost
181
Freeze Knownhost
182
Info Knownhost
182
Rename Knownhost
184
Thaw Knownhost
184
Status Commands
185
Status Ssh2
185
Status Session
185
Status Channel
187
Status Opener
187
Statistics Related Commands
189
Statistics Session
189
Disable Statistics
189
Enable Statistics
189
Reset Statistics
189
Status Statistics
190
Abort Session Command
190
SSH and SFTP Client Reference
191
Introduction
191
Starting the Guardian Client Programs
191
Starting the OSS Client Programs
192
Inquiring User Name if Not Supplied
194
Configuring the SSH2 Process to Use
194
Suppressing the Banner Printed by Clients
195
Automating the SFTP/SSH Clients
195
FILE I/O Parameters for SFTP/SFTPOSS
195
SSH Client Command Reference
196
Command-Line Reference
196
Using the SSH Client to Create a Shell Controlling a Remote System
200
Using the SSH Client to Create a Port Forwarding Daemon
201
Using the SSH Client to Create an FTP Port Forwarding Daemon
202
SFTP Client Command Reference
203
Command-Line Reference
203
SFTP Commands
206
Transfer Progress Meter
208
Controlling Transfer Summary
208
Specifying File Names on the Nonstop System
209
Extended Syntax (New Guardian Files)
209
Transfer Modes for Structured Guardian Files
210
Transferring ASCII Files
211
Fix Command and Command History
211
History Mode
212
Creation of Format 2 Guardian Files
213
SSH Protocol Reference
215
Implementation Overview
215
Supported Versions
215
Cipher Suites
215
Implementation of the SSH Protocol
215
Authentication Using User Names and Passwords
216
Public Key Authentication
216
Introduction to Public Key Authentication, Terminology
216
Public Key Authentication and SSH
216
Assuring Host Authenticity
217
Client Logon
217
STN Reference
219
Introduction
219
Running STN as Pseudo TTY Server for SSH2
219
Starting STN from TACL
219
Running STN as Persistent Process
221
Stncom
222
Comments
223
Abend
223
Abort Service
223
Abort Session
223
STNCOM Commands
223
Abort Window
224
Add Iprange
224
Add Script
224
Add Service
225
Add Window
231
AUDITCOLL off | <Ems-Collector
232
AUDITMSG <Text
233
Auto_Add_Win Dynamic | Static | off
233
AUTODEL_WAIT <Seconds
233
BACKUP[CPU] <Cpu> | NONE | BUDDY | any
234
BANNER_TIMEOUT <Minutes
234
BLAST <Message
235
Break_On_Discon Y|N
235
Buffer_Size
235
Choice_Prompt y | N
235
CHOICE_TEXT <Text
235
Conn_Clr_Ssh y | N
235
DELETE IPRANGE <Iprange-Name
235
DELETE SCRIPT <Script-Name
235
DELETE SERVICE <Service-Name
236
DELETE WIN[DOW] <Window-Name
236
DEV_SUBTYPE B05COMP | WINDOW | <Nn
236
DYNAMIC_PRI <Nnn
236
DYN_CPU (Cpu,Cpu)
236
DYN_WIN_MAX <Nnn
236
Exit
237
FESESSDOWN <Error-Code
237
FRAGSIZE <N
237
Gwn [Alloc]
237
Help
238
IDLE_WARNING <N
238
Info All
238
INFO IPRANGE <Iprange-Name
238
Info Process
238
INFO SCRIPT <Script-Name
239
INFO SER[VICE] <Service-Name
239
Info Stn
240
INFO WIN[DOW] <Window-Name
240
INPUT_TIMEOUT <Minutes
241
Kill_Dynamic Y|N
242
LICENSE <Location
242
Listopens
242
MAX_OPENERS <N
242
MAX_OUTQ <N
243
Nbot Y|N
243
NBOT_TIMEOUT <Seconds
243
NEGOT_TIMEOUT <Seconds
243
OBEY <Edit-File-Name
243
OPEN <STN-Process-Name
243
OPENER_WAIT <Seconds
243
Output_Reset y | N
244
Pause
244
Pool
244
PROMPT "<Text
244
PTY_REPLY_LEN <N
245
REPLY_DELAY_MAX <Seconds
245
RESET SERVICE <Service-Name
245
RSCMGR_DEPTH <N
245
SAVECFG <Filename
245
SECURITY [<Letter>]
246
Shutdown
246
SSH_DEFAULT_SVC <Service-Name> | *NONE
246
START SERVICE <Service-Name
246
START WINDOW <#Window-Name
246
STATUS SERVICE [ <Service-Name> | * ]
246
STATUS SESSION [ <Session-Name> | * ]
247
STATUS WINDOW [ <#Window-Name> | * ]
248
Stix [Reset]
248
STNCOM_PROMPT "<Text
248
STNLOG <Text
250
STOP SERVICE <Service-Name
250
STOP SESSION <Session-Name
250
STOP WINDOW <#Window-Name
250
Time
250
Trace
250
Version
251
Welcome_Seq before | after | both
251
WELCOME <Filename> | off | LIST
251
Win_Avail_Always y | N
252
Win_Avail_C11 y | N
252
Wsinfo None | Query | Required | Match
252
Winscript_First y | N
252
Session and Window Naming
253
GWN Related STNCOM Commands
254
GWN Related EMS Events
255
Client Messages at the Remote Workstation
269
STN Application I/O Handling
276
Monitoring and Auditing
279
Content of Log Messages
279
Introduction
279
Log Level
280
Destinations for Log Messages
281
Customizing the Log Format
282
Content of Audit Messages
282
Destinations for Audit Messages
283
Customizing the Audit Format
283
Audit Reports
283
List of Audit Messages
283
Log File/Audit File Rollover
293
Viewing File Contents from Guardian with SHOWLOG
294
Viewing File Contents from OSS
297
Performance Considerations
299
Introduction
299
Performance Analysis of SFTP Traffic
300
SFTPSERV Performance of Ls Command with Wildcards
300
Performance When Running as SSH Client
301
Performance Analysis of SSH Session Establishment
300
Performance Running as SSH Daemon
300
Summary
301
Troubleshooting
303
Information Needed by Support
303
Introduction
303
General SSH2 Error Messages
304
Session Related SSH2 Errors
305
Session Related Error Messages of SSH2 Daemon
305
Session Related Messages of SSH2 in Client Mode
309
Client Error Messages
312
Appendix
315
Event Summary
315
Event Category ERROR
315
Event Category WARNING
319
Event Category INFO
330
Copyright Statements
338
Openssl Copyright Statement
338
Openssh Copyright Statement
340
Advertisement
Advertisement
Related Products
HP StorageWorks SSL1016
HP Client SSU
HP StorageWorks HA-Fabric Manager
Hp Spooler FASTP
HP Smart Update Manager
HP Session Allocation Manager 3.0
HP Session Allocation Manager 2.1
HP Stac Replica
HP Smart Update Firmware DVD
HP SmartSetup Scripting Toolkit
HP Categories
Desktop
Laptop
Server
Monitor
Switch
More HP Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL