Your browser does not allow storing cookies. We recommend enabling them.


Installing Manually on Windows

On Windows, the initial installation of Management Agents can be done either manually or by using a third-party software deployment system. Initial installation via the Management Server is not supported.

The Management Agent uses and requires the MSI installation package 2.0 format used by the Windows Installer Service. (This service is included by default in Windows XP and later, so there is no need to install it separately on these systems.)

For information on the supported platforms, see Table 5.1.

On Windows Vista, .NET Framework 3.5 Service Pack 1 is reguired.

To install the Management Agent manually on Windows, follow these instructions:

  1. Double-click the ssh-mgmt-agent-<v>-windows-x86.msi file (where <v> is the version number).

  2. Follow these steps in the installation wizard:

    1. At the introduction screen, click Next.

    2. Click the radio button to accept the license and then click Next.

    3. Select a location where you what to install the agent and click Next.

    4. Click Install.

    The wizard will install the Management Agent to the selected directory.

  3. Download a valid ICB from the Management Server administration interface (see Downloading ICBs), and copy it to the Management Agent installation directory:

    C:\Program Files\SSH Communications Security\Tectia Manager\icb.dat

In case of problems, see Problems with Management Agents.

Alternatively, you can perform the installation with the command-line options detailed in the next section.

Command-Line Options

This section lists the command-line options for installing Management Agent to multiple host using silent installation.

MSI packages are generally installed from the command line with the following command:

msiexec.exe /i <path_to_msi_file> [options]

A typical script for a silent installation might look like this:

msiexec.exe /i "ssh-mgmt-agent-" /L* "C:\temp\setup.log" 
/qn INSTALLDIR="C:\Program Files\SSH Communications Security\Tectia Manager" 
ICBDIR="H:\Management Settings" 

In this example script:

  • /i <path_to_msi_file> specifies to msiexec.exe the MSI file to use.

  • /L* <path_to_log_file> indicates that a log of the installation is written.

  • /qn specifies that the installation should be silent.

  • ICBDIR="<path_to_icb_location>" specifies the directory name where the ICB file can be found.

  • INSTALLDIR="<path_to_installation_location>" specifies the directory name where the agent is installed. If this option is omitted, the default location "C:\Program Files\SSH Communications Security\Tectia Manager" is used.

Installer Details

When deploying the Management Agent on Windows using the command-line scripts, you should know a little about how the installer works. The following is a step-by-step description of the actions the installer typically runs in silent mode or after the Install button has been clicked in the installation wizard mode.

Pre-Installation Phase

1. The installer shuts down the Management Agent service ssh-mgmt-sysmonitor.exe.

2. The installer uninstalls any existing Management Agents. The installer removes all binaries, agent-secsh.dat and all registry entries associated with the application.

Installation Phase

3. The installer installs the following components to the path specified in the INSTALLDIR option:

  • the Management Agent binary: ssh-mgmt-sysmonitor.exe

  • the registry entries associated with the product

4. The installer attempts to install the ICB file based on the ICBDIR variable:

  1. If a file named icb.dat is located in the directory specified by the ICBDIR variable passed to the installer, it will be copied to the installation directory.

  2. If no ICBDIR is specified, the installer checks the root of the C:\ drive for the file.

  3. If no icb.dat file exists, nothing happens here.

5. The installer starts the Management Agent service ssh-mgmt-sysmonitor.exe.

The process is started for each user as they log on to Windows. To restart the system monitoring right away after installation, log off and then log back on.

See also Management Agent on Windows.




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now