Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

Installing on Solaris

SSH Tectia Server is available for Sun Solaris 8, 9, and 10 on the 32-bit SPARC architecture and for Solaris 10 on the 64-bit x86-64 architecture.

SSH Tectia Server includes support for Zones on Solaris 10. The SSH Tectia software can be installed into the global and local zones. When the SSH Tectia software is installed into the global zone, it becomes automatically installed also into the existing local zones. However, SSH Tectia Server needs to be separately installed into local zones added later into the system. For instructions, see the Sun Microsystem documentation: System Administration Guide: Solaris Containers-Resource Management and Solaris Zones.

SSH Tectia Server includes support for Entrust certificates on Solaris 8. The necessary libraries are automatically included in the installation.

The downloaded online installation package contains the compressed installation files. On the CD-ROM, the installation packages for Solaris are located in the /install/solaris/ directory.

Two packages are required: one for the common components of SSH Tectia Client and Server, and another for the specific components of SSH Tectia Server.

To install SSH Tectia Server on Solaris, follow the instructions below:

  1. Make sure no other Secure Shell software is using port 22 (SSH Tectia Server default listen port). Stop any competing server software or change their listen port.

  2. Select the installation package according to your Sun Solaris version.

    When installing on Solaris version 8, 9 or 10 running on the 32-bit SPARC architecture, select the following packages:


    When installing on Solaris version 10 running on the 64-bit x86-64 architecture, select the following packages:


    In the command, <ver> is the current package version of SSH Tectia Server (for example,

  3. Unpack the installation packages to a suitable place. The standard place is /var/spool/pkg in Solaris environment. Run the following commands:

    $ uncompress ssh-tectia-common-<ver>-<arch>.pkg.Z
    $ uncompress ssh-tectia-server-<ver>-<arch>.pkg.Z

    In the commands, <arch> is the platform architecture sparc-solaris8-10 or x86_64-solaris10.

  4. Install the packages with the pkgadd tool with root privileges:

    # pkgadd -d ssh-tectia-common-<ver>-<arch>.pkg all
    # pkgadd -d ssh-tectia-server-<ver>-<arch>.pkg all

    The server host key is generated during the installation. The key generation may take several minutes on slow machines.

  5. (Not necessary in "third-digit" maintenance updates.) Copy the license file to the /etc/ssh2/licenses directory. See Licensing.

    If this is the initial installation of SSH Tectia Server, the directory does not yet exist. You can either create it manually or copy the license after the installation. In the latter case, you have to start the server manually after copying the license file.

  6. The installation should (re)start the server automatically.


    If the server does not start (for example because of a missing license or because some other secure shell software is running on port 22), you can start it after correcting the problem by issuing the command:

    # /etc/init.d/ssh-server-g3 start

On Solaris 8 and 9, it is recommended that you raise the maximum open files limit. The default limit for open files per process is set to 256, but it is too low for SSH Tectia Server that will receive lots of connections. The servant may run out of file descriptors causing the connections to fail.

How much the maximum open files limit must be raised depends on the server load and the number of servants running; 8192 should be sufficient in most cases.

You can set the maximum open files limit to 8192 as follows:

  • Before starting the ssh-server-g3, run this command in shell:

    # ulimit -n 8192 

The default limit set for open files varies between operating system versions. Refer to the instructions of your operating system for more information.




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now