----------------------------------------------------------------------------SSH_V592P020 patch kit (revision 2.0) for TCPware 5.8/5.9	26-Jan-2011Copyright (c) 2006, 2007, 2008, 2010, 2011 by Process Software         This VMSinstallable saveset provides a new version of the         following SSH components:         - SSH client (SSH2.EXE)         - SSH1 server (SSHD.EXE)         - SSH2 server (SSHD2.EXE)         - SSH master control program (SSHD_MASTER.EXE)         - SSH identity agent program (SSH-AGENT2.EXE)         - SSH key generators (SSH-KEYGEN.EXE and SSH-KEYGEN2.EXE)         - SSH key signer (SSH-SIGNER2.EXE)         - SSH loadable executive image (SSHLEI.EXE, LOAD_SSHLEI.EXE,           UNLOAD_SSHLEI.EXE)         - SSH agent identity manipulation program (SSH-ADD2.EXE)         - SSH file copy client (SCP2.EXE)         - SSH SFTP client (SFTP2.EXE)         - SSH file copy servers (SFTP-SERVER2.EXE and SCP-SERVER1.EXE)         - SSH server configuration template file (SSHD2_CONFIG.TEMPLATE)         - SSH certificate enrollment program (SSH-CMPCLIENT.EXE)         - SSH configuration procedure (SSH_CONTROL.COM)	 - SSH Public Key Assistant (PUBLICKEY_ASSISTANT.EXE)         - SSH Certificate Viewer (SSH-CERTVIEW.EXE)         - SSH shared libraries (SSH_ZLIB.EXE, SSH_FSCLM.EXE)	 - SSH Public Key Server (PUBLICKEY-SERVER.EXE)         - SSH Certificate Viewer (SSH-CERTVIEW.EXE)	 - SSH client configuration template (SSH2_CONFIG.TEMPLATE)	 - LDAP authentication plugin using the VMS Authentication Module	   (LDAP-PLUGIN.EXE)	 - SecurID authentication plugin using the VMS Authentication Module	   (SECURID-PLUGIN.EXE)	 - SSH X.509 certificate tool (SSH-CERTTOOL.EXE)         - SSH shareable image (SSHSHR.EXE)         A new version of the following common TCPware utilities are 	 provided for TCPware V5.8:         - TCPware command definitions (TCPWARE_COMMANDS.COM and           TCPware.CLD)	 This ECO is dependent upon the following TCPware ECOs:	 - NET_V592P020 for TCPware V5.9         - NET_V582P010 for TCPware V5.8         A system reboot is requred after installing this ECO, to load 	 the new software features.         This kit has an ECO ranking of 2.	 This kit includes the following corrections:	o  Correct a possible ACCVIO on SFTP [M]PUT commands.	   [DE 11048/DE 11066]	o  Correct problems with incomplete transfers in SFTP record mode.	   [DE 11044]	 o The SSH_LOG:SSHD.LOG file has an extra <CR> character at the   	   end of each line, which could make it difficult to parse	   programatically.  This has been changed such that if the	   system-wide logical name TCPWARE_SSH2_SERVER_DEBUG_NOCR is	   defined (the value doesn't matter), the trailing <CR> will   	   not appear on debug log lines.  [DE 11103]	 o On Integrity systems only, SSHLEI.EXE has been moved from 	   SYS$LOADABLE_IMAGES to the TCPWARE_COMMON:[TCPWARE] 	   directory.  This fixes problems caused by the incorrect	   version of SSHLEI.EXE existing in SyS$LOADABLE_IMAGES.	 o Correct some file truncation problems. [DE 11079]	 o Change SCP2 and SFTP2 to open destination files for write only 	   instead of read/write to provide interoperability with more 	   implementations.	 o Restore SFTP2 & SCP2 password prompt to include a space after the	   colon as it had in previous versions.  [DE 11065]                   *** Notes for Kerberos 5 Support ***         Support for Kerberos 5 is based on HP Kerberos V5 for OpenVMS.         SSH may be configured and used at any time, either with or         without Kerberos; however, Kerberos is required to perform Kerberos          authentication in the SSH server.  If Kerberos is installed at some          later time after SSH is started, restarting SSH will allow it to          use Kerberos.         Some chapters of the TCPware documentation having to do with SSH         have been updated for TCPware V5.8.  New PDF files of these          are supplied in this ECO for those versions of TCPware, and are          copied to the TCPWARE_COMMON:[TCPWARE] directory.           These are:             TW_MANAGEMENT_SSH1_SERVER_CH25.PDF             TW_MANAGEMENT_SSH2_SERVER_CH26.PDF             TW_USER_GUIDE_SSH_CLIENT_CH16.PDF             TW_USER_GUIDE_FILE_XFER_CH17.PDF---------------------------------------------------------------------------			Post Installation Notes    The old version of the replaced SSH components will be renamed to             TCPWARE_COMMON:[TCPWARE]SSH2.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSHD.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSHD2.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSHD_MASTER.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSH-ADD2.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSH-AGENT2.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SCP2.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSH-KEYGEN.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSH-KEYGEN2.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSH-SIGNER2.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSH-CERTVIEW.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSH-CERTENROLL2.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SCP-SERVER1.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SFTP-SERVER2.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSHD2_CONFIG.TEMPLATE_OLD             TCPWARE_COMMON:[TCPWARE]SSHLEI.EXE_OLD             TCPWARE_COMMON:[TCPWARE]LOAD_SSHLEI.EXE_OLD             TCPWARE_COMMON:[TCPWARE]UNLOAD_SSHLEI.EXE_OLD	     TCPWARE_COMMON:[TCPWARE]SSH_FSCLM.EXE_OLD	     TCPWARE_COMMON:[TCPWARE]SSH_ZLIB.EXE_OLD             TCPWARE_COMMON:[TCPWARE]SSH_CONTROL.COM_OLD             TCPWARE_COMMON:[TCPWARE]TCPWARE_COMMANDS.COM_OLD    Once installed, you may undo this patch by renaming the files    back to their original names, and restarting the SSH component.    NOTE: You must reboot your system after installing this ECO,          to load the new software features.---------------------------------------------------------------------------	This ECO also addresses all of the same problems from the	previous SSH ECOs:	SSH_V592P010	------------        o Correct problems with specifying a version number on a    	  source file and getting the file appropriately transferred 	  to the remote system.  [DE 9852/10242]        o Errors from attempting to close a file that is already 	  closed are now ignored. Don't make call to set file 	  characteristics when there are no characteristics to be set.  	  [DE 10829]        o Improvements to FXP_REALPATH processing.  [DE 10832]        o Remove hashing data structures from buffer management data	  structures to reduce memory utilization. (TCPware SCP2 & 	  SFTP2 do not support file hashing to check to see if a file 	  is different before transferring.)  [DE 10937]        o An assertion in SSHADT in the SSHD2 server could	  fail, causing the server to abort. [10967]        o SSH OPCOM session accept and session reject messages	  would sometimes display garbage at the end of the	  message. [DE 10629]        o Corrected an ACCVIO when public key authentication	  fails in batch mode. [DE 10675]        o When using the VMS Authentication Module and LDAP	  for authentication, the LDAP_ALLOW_NULL_PASSSWORD 	  flag isn't honored properly.        o Problems with DCL passing arguments to SSH on Integrity	  systems when using /PARSE_STYLE=EXTENDED.  [DE 11002]        o When connecting to an Integrity management processor, the  	  key guess is incorrect.  [DE 10979]        o The number of connection attempts and the timeout for each	  attempt for the client needs to be configurable. The following	  configuration keywords in SSH2_DIR:SSH2_CONFIG have been	  added:		ConnectionTimeout (default zero seconds) 		ConnectionAttempts (default 5)	  [DE 9175]        o DSA host keys can't be generated.  [DE 10972]        o VAX keys can't be generated on some versions of VAX/VMS.        o The user group in the UAF isn't used when doing group 	  comparisions (e.g., AllowGroups or DenyGroups).  [DE 10958]