SSH

Installing on AIX

The downloaded installation package contains the compressed installation files.

Two packages are required: one for common components of Tectia ConnectSecure and Tectia Server, and one for specific components of Tectia ConnectSecure.

With Tectia ConnectSecure you may choose to install:

  • the basic client package

  • the optional capture package for FTP-SFTP conversion and transparent tunneling

    Note that with AIX 6.1 and later, the Enhanced Role Based Access Control (RBAC) mode has to be reconfigured or disabled when the capture is used.

  • the additional sdk package containing the file transfer API in C.

To install Tectia ConnectSecure on AIX, follow the instructions below:

  1. Unpack the downloaded tar package.

  2. Unpack the installation packages:

    $ uncompress ssh-tectia-common-<version>-aix-6-7-powerpc.bff.Z
    $ uncompress ssh-tectia-client-<version>-aix-6-7-powerpc.bff.Z
    $ uncompress ssh-tectia-capture-<version>-aix-6-7-powerpc.bff.Z
    

    In the commands, <version> indicates the product release version and the current build number (for example, 6.4.14.123).

  3. Install the packages by running the following commands with root privileges:

    # installp -d ssh-tectia-common-<version>-aix-6-7-powerpc.bff SSHTectia.Common
    # installp -d ssh-tectia-client-<version>-aix-6-7-powerpc.bff SSHTectia.Client
    # installp -d ssh-tectia-capture-<version>-aix-6-7-powerpc.bff \ 
                  SSHTectia.Capture
    
  4. (Optional) If you want the file transfer API, unpack and install the SDK installation package with root privileges:

    $ uncompress ssh-tectia-sdk-<version>-aix-6-7-powerpc.bff.Z
    # installp -d ssh-tectia-sdk-<version>-aix-6-7-powerpc.bff SSHTectia.SDK
    
  5. Copy the license file to directory: /etc/ssh2/licenses. (This is not necessary in "third-digit" maintenance updates.) For information on licensing, see Licensing.

On AIX 6.1 and later, the default configuration of Enhanced Role Based Access Control (RBAC) prevents system binaries, such as FTP and Telnet, from working. In order to be able to use the ssh-tectia-capture features, such as FTP-SFTP conversion, you need to either configure RBAC to permit capture on the relevant binaries or disable RBAC completely. Consult IBM documentation on RBAC for the configuration instructions.

To disable RBAC, follow these instructions:

  1. To check if RBAC is enabled, enter command:

    $ lsattr -El sys0 |grep RBAC
    

    If RBAC is enabled, you get the response:

    enhanced_RBAC true Enhanced RBAC Mode True
  2. To disable RBAC, enter command:

    $ chdev -l sys0 -a enhanced_RBAC=false
    
  3. Reboot the computer.