Tectia

Chapter 5 Installing Management Agents

Managing the Secure Shell software and monitoring the file operations requires Management Agent installed on the remote hosts.

After the Management Server has been installed, the Management Agent installation packages for the same release can be found in the directory <server-root>/server/agents (by default /opt/ssh-mgmt/server/agents).

In the Tectia Manager administration interface, the Management Agent packages are available for remote installation in the Software section.

The Management Agent is responsible for initiating the management connection to the Management Server, and it takes care of installing, upgrading, and controlling the SSH software on the host, according to the commands from the Management Server. The Management Agent also collects logs from the monitored hosts and sends the collected data to the Management Server at one minute intervals.

The Management Agent installation consists of the following steps:

  1. Determine the operating system and hardware architecture of each target host and check that you have a compatible Management Agent package available.

  2. The Management Server generates an ICB file, that includes the data that the Management Agent will need to connect to the correct Management Server for the first time.

  3. The Management Agent package and the ICB file are sent to the host and installed.

  4. The Management Agent daemon starts up automatically and registers to the Management Server.

  5. Normal Tectia Manager operation ensues.

The connection between the Management Server and the managed hosts is secured with TLS. The Management Server authenticates itself with an X.509 certificate, and the Management Agent component on the host authenticates itself with a shared secret. The initial shared secret and information needed for checking the server certificate are delivered to the managed host in the Initial Configuration Block (ICB).