EasyManuals Logo
Home>HP>Software>NonStop SSH 544701-014

HP NonStop SSH 544701-014 User Manual

HP NonStop SSH 544701-014
344 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #90 background imageLoading...
Page #90 background image
90 • Configuring and Running SSH2 HP NonStop SSH Reference Manual
MACS
Use this parameter to specify which message authentication codes (MAC) are admissible for the SSH2 server.
Parameter Syntax
MACS mac [, mac, ...]
Arguments
mac
Specifies a MAC. Currently the following MACs are supported by SSH2:
o hmac-sha1: HMAC-SHA1 (digest length=key length=20 bytes=160 bits)
o hmac-md5: HMAC-MD5 (digest length=key length=16 bytes=128 bits)
o hmac-sha1-96: first 96 bits of HMAC-SHA1 (digest length=12 bytes=96 bits, key length=20 bytes=160
bits)
o hmac-md5-96: first 96 bits of HMAC-MD5 (digest length=12 bytes=96 bits, key length=16 bytes=128 bits)
Considerations
For details about the MACs listed above, please refer to standard SSH documentation, such as the available RFCs.
Default
If this parameter is omitted, SSH2 will accept all MACs listed above.
Example
MACS hmac-sha1-96
This will enforce the use of the hmac-sha1-96 MAC algorithm.
PARTIALSSHCOMACCESSGROUP<n>
This parameter set allows granting limited administrative SSHCOM command privileges to groups rather than just
super.super. Admin groups with limited SSHCOM access are defined via the parameter set
PARTIALSSHCOMACCESSGROUP<n> where <n> is a number between 1 and 99.
Limited administrative SSHCOM access includes viewing and altering USER records, i.e. execution of daemon mode
commands INFO USER and ALTER USER. All USER attributes can be modified except the most critical ones, which
are ALLOWED-AUTHENTICATIONS and SYSTEM-USER. These fields can only be modified by users with full
SSHCOM access.
Additional restrictions apply depending on the setting of parameter LIFECYCLEPOLICYPUBLICUSERKEY: Users
with partial SSHCOM access can specify the LIVE-DATE and EXPIRE-DATE when adding or altering a user’s public
key only if LIFECYCLEPOLICYPUBLICUSERKEY is set to VARIABLE.
Parameter Syntax
PARTIALSSHCOMACCESSGROUP<j> <group>
Arguments
<group>
A Guardian group name. All members of the group will have partial SSHCOM access.
Default
By default, none of the parameters are set, i.e. only users with full SSHCOM access can execute privileged commands.
Example

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP NonStop SSH 544701-014 and is the answer not in the manual?

HP NonStop SSH 544701-014 Specifications

General IconGeneral
BrandHP
ModelNonStop SSH 544701-014
CategorySoftware
LanguageEnglish

Related product manuals