Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

Starting Connection Broker in Debug Mode

The Connection Broker is a shared component included in SSH Tectia Client and SSH Tectia Connector. The Connection Broker handles all cryptographic operations and authentication-related tasks for the SSH Tectia Client, SSH Tectia Connector, and the command-line tools sshg3, scpg3, sftpg3.

To start the Connection Broker in debug mode, follow these instructions:

  1. Open a shell (on Unix) or command prompt window (on Windows).

  2. Stop the Connection Broker, if it is currently running. Enter the following command to exit the Connection Broker. This will close all currently open connections of the current user:

    $ ssh-broker-g3 --exit
  3. Start the Connection Broker in debug mode by running the following command:

    $ ssh-broker-g3 -D<filter> -l <logfile>

    In the command:

    • logfile specifies the file to which the debug output will be directed

    • filter is an expression that takes the following syntax: "module=level,module=level,..."

    • module is an optional expression that can be used to restrict the debug output to only a particular module or to allow the use of varying debug levels for different modules.

    • level is an integer from 0 (no debug info) to 99 that specifies the desired amount of debug information.

      Note that levels 1-9 are the recommended ones. The higher the number, the more detailed the troubleshooting output will be, and the more the debugging will affect performance.

    The following example command starts the Connection Broker with global debug level 4 and outputs the debug information to a log file named broker.log:

    $ ssh-broker-g3 -D4 -l broker.log

    The following example command starts the Connection Broker with debug level 5 for modules starting with "SecShAuth" and level 2 for everything else:

    $ ssh-broker-g3 -D"SecShAuth*=5,2" -l broker.log
  4. Connect to a server using one of the clients:

    $ sshg3 user@host
  5. View the debug information for the connection in the broker.log file.

On Windows, you can view the the debug output also in the Logs view in the SSH Tectia Status window. To open the SSH Tectia Status window, right-click the SSH Tectia tray icon and select Status.

On Unix, you can display the debug output also by using the command line tools with argument -D. For example, the following command will display the debug output with a debug level 5 for modules starting with SecShAuth and level 2 for modules starting with Sft:

$ sftpg3 -D"SecShAuth*=5,Sft*=2" user@host




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now