Your browser does not allow storing cookies. We recommend enabling them.


Tectia® Client 6.2

User Manual

Tectia Corporation

This software is protected by international copyright laws. All rights reserved. Tectia® and ssh® are registered trademarks of Tectia Corporation in the United States and in certain other jurisdictions. The Tectia and SSH logos are trademarks of Tectia Corporation and may be registered in certain jurisdictions. All other names and marks are property of their respective owners.

No part of this publication may be reproduced, published, stored in an electronic database, or transmitted, in any form or by any means, electronic, mechanical, recording, or otherwise, for any purpose, without the prior written permission of Tectia Corporation.


For Open Source Software acknowledgements, see appendix Open Source Software License Acknowledgements in the User Manual.

18 April 2012

Table of Contents

1. About This Document
Documentation Conventions
Operating System Names
Directory Paths
Customer Support
Component Terminology
2. Installing Tectia Client
Preparing for Installation
System Requirements
Hardware and Disk Space Requirements
Installation Packages
Upgrading Previously Installed Tectia Client Software
Downloading Tectia Releases
Installing the Tectia Client Software
Installing on AIX
Installing on HP-UX
Installing on Linux
Installing on Solaris
Installing on Windows
Installing on VMware ESX
Installing on Linux on IBM System z
Removing the Tectia Client Software
Removing from AIX
Removing from HP-UX
Removing from Linux
Removing from Solaris
Removing from Windows
Removing from VMware ESX
Removing from Linux on IBM System z
Files Related to Tectia Client
File Locations on Unix
File Locations on Windows
Registry Keys on Windows
Symlinks between ssh/scp/sftp and sshg3/scpg3/sftpg3 (on Unix)
3. Getting Started with Tectia Client
Product Components
First Login to a Remote Host
Logging in with Tectia SSH Terminal GUI (on Windows)
Logging in with Command-Line sshg3
Using Public-Key Authentication
Configuring Tectia Client
Connection Broker Configuration
Connection Broker Configuration Files
Command-Line Tools
Creating Connection Profiles
Defining Connection Profile Settings
Enabling FIPS 140-2 Mode
Enabling FIPS Mode Using Configuration GUI
Enabling FIPS Mode Using Configuration File
FIPS-Certified Cryptographic Library
4. Authentication
Supported User Authentication Methods
Compatibility with OpenSSH Keys
Server Authentication with Public Keys
Host Key Storage Formats
Using the System-Wide Host Key Storage
Resolving Hashed Host Keys
Using the OpenSSH known_hosts File
Server Authentication with Certificates
Managing CA Certificates with the Configuration File (Unix)
Managing CA Certificates with the GUI
User Authentication with Passwords
Defining Password Authentication with the Configuration File (Unix)
Using Stored Passwords in Connection Profiles
Managing Authentication Methods with the GUI
User Authentication with Public Keys
Creating Keys with ssh-keygen-g3
Uploading Public Keys Manually
Creating Keys with the Public-Key Authentication Wizard
Using Keys Generated with OpenSSH
Special Considerations with Windows Servers
User Authentication with Certificates
Using the Configuration File (Unix)
Configuring User Authentication with Certificates on Windows
Importing PKCS Certificates with Tectia Connections Configuration GUI
Host-Based User Authentication (Unix)
User Authentication with Keyboard-Interactive
Defining Keyboard-Interactive Method with the Configuration File (Unix)
Defining Keyboard-Interactive Method with the GUI
User Authentication with GSSAPI
Defining GSSAPI Method with the Configuration File (Unix)
Defining GSSAPI Method with the GUI
5. Transferring Files
Secure File Transfer with scpg3 and sftpg3 Commands
Using scpg3
Using sftpg3
Enhanced File Transfer Functions
Secure File Transfer GUI (Windows)
Defining Secure File Transfer GUI Settings
Downloading Files with Tectia Secure File Transfer GUI
Uploading Files with Tectia Secure File Transfer GUI
Transfer and Queue Tabs
Defining File Properties
Differences from Windows Explorer
Controlling File Transfer
Site Command
6. Secure Shell Tunneling
Local Tunnels
Non-Transparent TCP Tunneling
Non-Transparent FTP Tunneling
SOCKS Tunneling
Remote Tunnels
X11 Forwarding
Agent Forwarding
7. Troubleshooting Tectia Client
Starting Connection Broker in Debug Mode
Collecting System Information for Troubleshooting
Answers to Common Problems
A. Connection Broker Configuration Tools
Tectia Connections Configuration GUI
Opening the GUI
Defining General Settings
Defining Connection Profiles
Defining User Authentication
Defining Server Authentication
Defining Automatic Tunnels
Configuration File for Connection Broker
Backup of Configuration Files
Broker Configuration File Syntax
Tectia Shortcut Menu (Windows and Linux)
Tectia Connection Status Window
B. Configuring Tectia SSH Terminal GUI and Tectia Secure File Transfer GUI (Windows)
Defining Global Settings
Defining the Appearance
Selecting the Font and Terminal Window Size
Selecting Colors
Defining Messages
Defining File Transfer Settings
Defining Advanced File Transfer Options
Defining File Transfer Mode
Defining Local Favorites
Defining Security Settings
Using Command-Line Options
Customizing the User Interface
Saving Settings
Loading Settings
Customize Dialog
Customizing Toolbars
C. Command-Line Tools and Man Pages
ssh-broker-g3 - Tectia Connection Broker - Generation 3
ssh-broker-ctl - Tectia Connection Broker control utility
ssh-troubleshoot - tool for collecting system information
sshg3 - Secure Shell terminal client - Generation 3
scpg3 - Secure Shell file copy client - Generation 3
sftpg3 - Secure Shell file transfer client - Generation 3
ssh-translation-table - Secure Shell Translation Table
ssh-keygen-g3 - authentication key pair generator
ssh-keyfetch - Host key tool for the Secure Shell client
ssh-cmpclient-g3 - CMP enrollment client
ssh-scepclient-g3 - SCEP enrollment client
ssh-certview-g3 - certificate viewer
ssh-ekview-g3 - external key viewer
D. Egrep Syntax
Egrep Patterns
Escaped Tokens for Regex Syntax Egrep
Character Sets For Egrep
E. Audit Messages
F. Open Source Software License Acknowledgements




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now