Efficient Management of Tectia and OpenSSH Configurations

Tectia Manager can be used to create, store and deploy the SSH software configurations to the managed hosts, and to monitor the managed hosts for any changes made locally in the configurations. If modifications are detected, administrators can decide whether to overwrite them with the official managed configuration.

Tectia Manager enables centralized management of Tectia and OpenSSH configurations. This makes it easy to ensure that relevant security policies are followed on the managed hosts. The centralized deployment of SSH configurations also saves time and costs, as there is no need to configure each host separately.

Tectia Client configuration

Figure 2.4. Tectia Client configuration

The Tectia Manager administrator can create configurations for the different components of an SSH client/server solution, for example to enable secure file transfer, secure application connectivity or secure system administration. The configuration settings of Tectia Client, ConnectSecure, and Server have their own edit views in the Tectia Manager administration interface, while the XML configurations of OpenSSH client and server configurations are handled in text format. The administrator can create several different configurations for different SSH products and host groups.

The configurations are stored in the Tectia Manager database. Once ready, the administrator can assign the configurations to relevant host groups and initiate the deployment to the hosts. Once the configurations have been deployed to the remote hosts, Tectia Manager monitors the SSH environment and marks configurations that include locally made modifications. Tectia Manager administrator can either approve the local changes, or decide to overwrite them with the configuration maintained by Tectia Manager.