Your browser does not allow storing cookies. We recommend enabling them.


Installing on AIX

The downloaded installation package contains the compressed installation files.

Two packages are required: one for common components of Tectia ConnectSecure and Tectia Server, and one for specific components of Tectia ConnectSecure.

With Tectia ConnectSecure you may choose to install:

  • the basic client package

  • the optional capture package for FTP-SFTP conversion and transparent tunneling

    Note that with AIX 6.1 and later, the Enhanced Role Based Access Control (RBAC) mode has to be reconfigured or disabled when the capture is used.

  • the additional sdk package containing the file transfer API in C.

To install Tectia ConnectSecure on AIX, follow the instructions below:

  1. Unpack the downloaded tar package.

  2. Unpack the installation packages:

    $ uncompress ssh-tectia-common-<version>-aix-6-7-powerpc.bff.Z
    $ uncompress ssh-tectia-client-<version>-aix-6-7-powerpc.bff.Z
    $ uncompress ssh-tectia-capture-<version>-aix-6-7-powerpc.bff.Z

    In the commands, <version> indicates the product release version and the current build number (for example,

  3. Install the packages by running the following commands with root privileges:

    # installp -d ssh-tectia-common-<version>-aix-6-7-powerpc.bff SSHTectia.Common
    # installp -d ssh-tectia-client-<version>-aix-6-7-powerpc.bff SSHTectia.Client
    # installp -d ssh-tectia-capture-<version>-aix-6-7-powerpc.bff \ 
  4. (Optional) If you want the file transfer API, unpack and install the SDK installation package with root privileges:

    $ uncompress ssh-tectia-sdk-<version>-aix-6-7-powerpc.bff.Z
    # installp -d ssh-tectia-sdk-<version>-aix-6-7-powerpc.bff SSHTectia.SDK
  5. Copy the license file to directory: /etc/ssh2/licenses. (This is not necessary in "third-digit" maintenance updates.) For information on licensing, see Licensing.

On AIX 6.1 and later, the default configuration of Enhanced Role Based Access Control (RBAC) prevents system binaries, such as FTP and Telnet, from working. In order to be able to use the ssh-tectia-capture features, such as FTP-SFTP conversion, you need to either configure RBAC to permit capture on the relevant binaries or disable RBAC completely. Consult IBM documentation on RBAC for the configuration instructions.

To disable RBAC, follow these instructions:

  1. To check if RBAC is enabled, enter command:

    $ lsattr -El sys0 |grep RBAC

    If RBAC is enabled, you get the response:

    enhanced_RBAC true Enhanced RBAC Mode True
  2. To disable RBAC, enter command:

    $ chdev -l sys0 -a enhanced_RBAC=false
  3. Reboot the computer.


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more