HP TCPIP Services for OpenVMS Guide to SSH

This document, "HP TCP/IP Services for OpenVMS Guide to SSH" (Edition 2.0, July 2006), serves as a comprehensive guide for Secure Shell (SSH) users and system managers on the OpenVMS operating system.

The guide covers the following key areas:

1. Overview of SSH: Introduces SSH concepts, its client and server components, the role of host and user keys (generation and management), authentication methods, and how SSH client and server communicate, including port forwarding. It also notes updates from previous versions.
2. Configuration: Details the initial setup of SSH software on OpenVMS using the TCPIP$CONFIG command procedure for both client and server components.
3. Customization: Explains how to tailor the SSH run-time environment to specific security needs, including setting up server public keys, modifying client and server configuration parameters, and configuring various authentication methods like password, host-based, and public-key authentication.
4. Service Management: Provides instructions for starting and stopping the SSH client and server, enabling IPv6 networking, managing SSH logical names, and configuring auditing and account passwords (including secondary passwords).
5. Port Forwarding: Dedicated coverage of standard, FTP, and X11 port forwarding capabilities, demonstrating how to establish secure tunnels for various TCP-based applications.
6. Kerberos Integration: A significant section on setting up SSH connections with Kerberos authentication, including installing Kerberos components, configuring user and host principals, managing credential forwarding, and troubleshooting common SSH/Kerberos issues.
7. Command Reference: Offers detailed descriptions and usage examples for core SSH utilities: SSH (remote login and command execution), SCP (secure file copy), SFTP (secure file transfer protocol), SSH_KEYGEN (key generation), SSH_ADD (adding keys to the authentication agent), and SSH_AGENT (managing authentication keys).
8. Troubleshooting: Guides users through analyzing and resolving common SSH login problems and authentication failures.
9. Appendices: Provides reference information on SSH directories, files, and a comprehensive list of client and server configuration parameters.

This edition notably includes enhancements such as Kerberos authentication, IPv6 support, SSH commands in batch jobs, new command options, and updated configuration files for OpenVMS.