•
This parameter should be set to TRUE only if compatibility to previous behavior is required.
•
Even if ALLOWFROZENSYSTEMUSER is set to TRUE, the methods password and keyboard-interactive will
always fail due to the FROZEN state (because Safeguard is involved and will not authenticate a frozen user).
Example
ALLOWFROZENSYSTEMUSER FALSE
ALLOWINFOSSH2
This parameter defines the set of users that are allowed to execute the SSHCOM command INFO SSH2.
Parameter Syntax
ALLOWINFOSSH2 [ALL|PARTIALSSHCOMACCESS|FULLSSHCOMACCESS]
Arguments
[ALL|PARTIALSSHCOMACCESS|FULLSSHCOMACCESS]
Valid values are:
ALL: Every user is allowed to execute SSHCOM command INFO SSH2.
o
PARTIALSSHCOMACCESS: Only users configured with partial SSHCOM access are allowed to execute
o
SSHCOM command INFO SSH2.
FULLSSHCOMACCESS: Only users having full SSHCOM access are allowed to execute SSHCOM
o
command INFO SSH2.
Default
If omitted, ALLOWINFOSSH2 will be set to ALL. This is compatible with the behavior before introduction of the
parameter (i.e. prior to version 0092).
Considerations
Example
FULLSSHCOMACCESSUSER<i>, FULLSSHCOMACCESSGROUP<j>, PARTIALSSHCOMACCESSUSER<k>,
PARTIALSSHCOMACCESSGROUP<n>
ALLOWPASSWORDSTORE
This parameter controls whether users are allowed to use stored passwords for connections to remote SSH daemons.
Parameter Syntax
ALLOWPASSWORDSTORE [TRUE|FALSE]
Arguments
[TRUE|FALSE]
Specifies whether to allow password storage. Valid values are...
TRUE: Any PASSWORDs stored for remote user ID will be automatically used for SSH password
o
authentication. If no PASSWORD is stored for a connection, the user will be prompted after a successful
authentication if a password should be stored in the password store.
FALSE: Any stored PASSWORD will be ignored and users will not be prompted to interactively store
o
passwords.
Default
HP NonStop SSH Reference Manual
Configuring and Running SSH2 • 55