Your browser does not support HTML5 local storage or you have disabled it. Some functionality on this site, including saving your privacy settings and offering you special discounts, uses local storage and may not work with local storage disabled. We recommend allowing the use of local storage in your browser. In some browsers, it is the same setting used for disabling cookies.

SSH Tectia

Security Precautions

It is assumed that the usual standards of corporate security are followed when integrating SSH Tectia Manager into an existing environment.

Pay attention to the following security issues:

  • The Management Server host root accounts must be limited to authorized superusers, only.

  • The Management Server does not contain passwords or other access data for opening terminals to the monitored hosts, only for controlling the Management Agents.

  • The Management Server (dbsrv8) accepts connections from the network by default (port 2638). It is important to change the default password.

  • There should be no unnecessary open ports on the managed hosts.

  • The administrator group roles can be segregated according to the allowed host groups and management actions.

  • The Management Agent and administration interface connections are TLS-secured. The weak TLS ciphers (56-bit keys) are NOT supported by the web administration interface.

  • All administrator actions, including logins and logouts, are stored in the administrator audit log.

  • The Management Agent runs with root or admin privileges (system service or daemon).

  • The web-server administrator access is allowed via an encrypted tunnel only.

  • Critical database contents are 3DES-encrypted (host PSKs, admin passwords).

In case you identify any further issues compromising system security, please inform Tectia, see instructions at

Please note that this Administrator Manual does NOT detail general security precautions that are required when incorporating a system such as SSH Tectia Manager into a production environment. These issues include:

  • Hardening the SSH Tectia Manager host on the operating system level

  • The physical security of the SSH Tectia Manager and its Management Server

  • The security on administrator workstations connecting to the Management Server through the administration interface (for example, turning off browser password caching).