Symptom: Tectia Server fails to start and reports error "Invalid hostkey permissions for hostkey". This occurs usually after upgrading Tectia Server from 4.x to 6.x.
The permissions of the server host key file and directory have been made more strict since the 4.x releases. In 6.x, full permissions are allowed only for the Administrators group and the SYSTEM account, and no other permissions are set at all.
The host key permissions can be updated manually by using the ssh-keygen-g3 tool:
Go to the installation directory of Tectia Server:
"C:\Program Files\SSH Communications Security\SSH Tectia"
Set the permissions for the host key by running command:
$ ssh-keygen-g3 --set-hostkey-owner-and-dacl hostkey
For more information on the tool, see ssh-keygen-g3(1).