Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

SSH Tectia® Manager 6.0

Administrator Manual

Tectia Corporation

This software is protected by international copyright laws. All rights reserved. ssh® and Tectia® are registered trademarks of Tectia Corp in the United States and in certain other jurisdictions. The SSH and Tectia logos are trademarks of Tectia Corp and may be registered in certain jurisdictions. All other names and marks are property of their respective owners.

No part of this publication may be reproduced, published, stored in an electronic database, or transmitted, in any form or by any means, electronic, mechanical, recording, or otherwise, for any purpose, without the prior written permission of Tectia Corp.


For Open Source Software acknowledgements, see appendix Open Source Software License Acknowledgements in the Product Description.

13 April 2011

Table of Contents

1. About This Document
Component Terminology
Documentation Conventions
Operating System Names
Directory Paths
Customer Support
2. Installing Management Server
Planning the Management Server Installation
System Requirements of the Management Server
Security Precautions
Preparing for Installation
Installing the Management Server
Installing on Linux
Installing on Solaris
Initial Configuration
Directory Structure of the Management Server
Files Created during Installation
Files Created during Initial Configuration
SSH Tectia Manager Configuration File
Defining Login Banner Message for Administration Interface
Upgrading SSH Tectia Manager
Upgrading SSH Tectia Manager (Sybase)
Upgrading SSH Tectia Manager (Oracle)
Removing the Management Server
Removing from Linux
Removing from Solaris
3. Getting Started with SSH Tectia Manager
Using the Administration Interface
Pre-Requisites for Management
Logging In as Superuser
Changing the Administrator Password
Changing the Administrator Timezone
Logging Out
Managing Host Views and Groups
Managing Host Views
Managing Host Groups
Managing Administrators
Managing Admin Accounts
Managing Admin Groups and Permissions
Configuring Extended Admin Authentication
4. Installing Management Agents
Planning the Management Agent Installation
System Requirements of the Management Agent
Installation Options
After Installation
Managing Initial Configuration Blocks (ICBs)
Creating ICBs
Downloading ICBs
Editing ICBs
Expiring ICBs Manually
Installing Management Agents
Installing Manually on Linux
Installing Manually on Solaris
Installing Manually on AIX
Installing Manually on HP-UX
Installing Manually on Windows
Using Third-Party Software Deployment Tools
Upgrading Management Agents Remotely
Directory Structure of the Management Agent
Unix Platforms
Removing the Management Agent Manually
Removing from Linux
Removing from Solaris
Removing from AIX
Removing from HP-UX
Removing from Windows
5. Distributed Environment
Managing a Distribution Server hierarchy
Deploying a Distribution Server hierarchy
Adding a Distribution Server
Distribution Server settings
6. Managing Hosts
Host Grouping
Managing Auto-Assign Rules
Managing the Host Groupings Manually
Advanced Host Search
Viewing Host Info
Configuring the Syslog Facility for Management Agent (Unix)
Collecting and Viewing SSH Tectia Server Logs
Viewing the Event Logs
Viewing the Audit Logs
Viewing Reports
Viewing System Statistics
Viewing Host Summary Reports
Viewing Application Connection License Usage
7. Installing SSH Tectia on the Managed Hosts
Importing SSH Tectia Packages into SSH Tectia Manager
Importing SSH Tectia CD Contents
Importing a Single SSH Tectia Installation Package
Importing Downloaded Update and Upgrade Packages
Importing SSH Tectia Connector 4.4-5.3 Application Connection Licenses
Installing SSH Tectia Remotely via SSH Tectia Manager
Installing SSH Tectia Client via SSH Tectia Manager
Installing SSH Tectia ConnectSecure via SSH Tectia Manager
Installing SSH Tectia Server via SSH Tectia Manager
Installing SSH Tectia Connector via SSH Tectia Manager
Upgrading SSH Tectia Remotely via SSH Tectia Manager
Upgrading SSH Tectia Server 4.x
Upgrading SSH Tectia Connector 4.x
Upgrading SSH Tectia Client and Server from 4.x to 5.x-6.x
Removing SSH Tectia Remotely via SSH Tectia Manager
8. Configuring SSH Tectia
Configuring SSH Tectia G3
Configuration Options
Configuration Task Flow
SSH Tectia G3 Configuration Commands
Advanced XML Configuration
Legacy Configurations (SSH Tectia Client 5.x)
Configuring SSH Tectia 4.x
Configuration Options
Configuring SSH Tectia Server 4.x (Unix)
Configuring SSH Tectia Server 4.x (Windows)
Configuring SSH Tectia Client 4.x (Unix)
Configuring SSH Tectia Client 4.x (Windows)
Special Extensions and Subconfigurations
Configuring SSH Tectia Connector 4.x-5.x
Global Tunneling Settings
Tunneling Parameters
Application Definitions
Tunneling Policy Rules
SSH Tectia Connector Configuration File
Configuring Management Agent
Viewing and Comparing Configurations (SSH Tectia G3)
Assigning Configurations per Group
Deploying Configurations
Configuring Authentication Settings
Configuring Internal CA
Managing Host Authentication
User Certificate Authentication
Other Host Management Options
Stopping and Starting Secure Shell Servers Remotely
9. Maintaining Management Server
Backing Up Configuration Data and Database Files
Creating a Backup
Restoring a Backup
Managing Logs
Configuring the Syslog Facility for Management Server
Deleting or Downloading Logs
Recreating Superusers
Changing External Database Password
Exporting Information from Database
10. Troubleshooting
Troubleshooting Management Server and Management Agent
Problems with Management Agents
Problems with LDAP Authentication
A. Advanced Information
SSH Tectia Manager Components
Management Server
Management Agent on Unix
Management Agent on Windows
Management Server Log Collection Process
Host Key Distribution Process
SSH Tectia Manager Default Ports
Using an Oracle Database
Automatic Initial Deployment
Activating Automatic Initial Deployment
Installing Remotely
B. Package Dependencies
Management Agent
Management Server
C. Supported Configuration Options
SSH Tectia G3
Client XML
Server XML
SSH Tectia 4.x
SSH Tectia Server
SSH Tectia Client (Unix)
SSH Tectia Client (Windows)
Configuration Sets (Windows)
Authentication Settings (version 4.x only)
Enrollment Settings
Management Agent
SSH Tectia Connector
Policy rules
Application definitions
Tunneling Parameters
Global Settings




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now