SSH

Installing on Windows

The Windows installation packages are provided in the MSI (Windows Installer) format. There are separate Tectia Server installation packages for Microsoft Windows versions running on the 32-bit (x86) and 64-bit (x86-64) platform architectures. Tectia Server installation packages can be used to install also Tectia Client.

The installation package is a zip file containing the Tectia Client/Server license files and the executable Windows Installer (MSI) packages.

You must have administrator rights to install Tectia Client/Server on Windows.

For Tectia Client/Server to be fully functional after installation, you must restart the computer.

[Note]Note

If you do not restart the computer after installing Tectia Server, the server will run with the following limitations in the authentication of local users and domain users from one-way trusted domains:

  • Public-key authentication will not work.

  • Certificate authentication, keyboard-interactive submethods RADIUS and RSA SecurID, and host-based authentication will only work if the password cache (see Password Cache) is enabled and the user's password is stored in the cache.

  • Authentication selectors of type User group (user-group) and Administrator (user-privileged) will not work. (For more information on selectors, see Editing Selectors.)

Tectia Server will write warning messages into the Windows Event Log. Use the Windows Event Viewer to examine the log contents (On the Tectia Server Configuration tool's Tectia Server page, click the View Event Log button.

[Note]Note

Tectia Server cannot be installed on file systems that do not support permissions (for example, FAT16 or FAT32). The hard disk partition where Tectia Server is installed must use the NTFS file system.

The installation is carried out by a standard installation wizard. The wizard will prompt you for information and will copy the program files, install the services, and generate the host key pair for the server.

To install Tectia Server and (optionally) Tectia Client on Windows, follow the instructions below:

  1. Make sure no other software is using port 22 (Tectia Server default listen port). Stop any competing server software or change their listen port.

  2. Extract the contents of the installation zip file to any temporary location.

  3. Locate the correct Windows Installer file ssh-tectia-client-server-<version>-windows-<platform>.msi, where:

    • <version> shows the Tectia Client/Server release version and build number, for example 6.4.14.123.

    • <platform> shows the platform architecture: x86 for 32-bit and x86_64 for 64-bit Windows versions.

  4. Double-click the installation file, and the installation wizard will start.

    [Note]Note

    The license files will be imported automatically when you extract the contents of the .zip package before running the .msi installer.

    If you run the .msi installer directly from the .zip package, you need to manually import the license files (sts64.dat for Tectia Server and stc64.dat for Tectia Client) after completing the installation. The installation wizard will show an error message about missing license files, and when you attempt to start Tectia Client/Server, you are prompted to import the license(s) manually to the license directory:

    • "C:\Program Files\SSH Communications Security\SSH Tectia\SSH Tectia AUX\licenses" on 32-bit Windows versions

    • "C:\Program Files (x86)\SSH Communications Security\SSH Tectia\SSH Tectia AUX\licenses" on 64-bit Windows versions

  5. Follow the wizard through the installation steps and fill in information as requested.

    The installation wizard will display options Typical, Custom and Complete.

    If you do not want to install both Tectia Server and Client, select Custom and choose which product components you wish to install.

    The server host key is generated during the installation.

  6. When the installation has finished, click Finish to exit the wizard.

  7. Fresh installation always requires restarting the computer. In case you were performing an upgrade, a restart is not necessarily required.

  8. Restart the computer.

    Tectia Server will start automatically every time the computer is started, and it stays running in the background. Tectia Server displays no icons on the desktop, but you can see it listed in the Windows Start → Programs menu.

    In case the server does not (re)start automatically, you can start it manually according to the instructions given in Starting and Stopping on Windows.

Silent Installation

Tectia Server can also be installed silently on a server host. Silent (non-interactive) installation means that the installation procedure will not display any user interface and will not ask any questions from the user. This option is especially useful for system administrators, as it allows remotely-operated automated installations.

In silent mode, Tectia Server is installed with the default settings and without any additional features.

[Note]Note

After Tectia Server has been installed, it is automatically restarted.

The following command can be used to install Tectia Server silently:

msiexec /q /i ssh-tectia-server-<version>-windows-<platform>.msi INSTALLDIR="<path>"

In the command:

  • <version> shows the current version of Tectia Server, for example 6.4.14.123.

  • <platform> shows the platform architecture: x86 for 32-bit and x86_64 for 64-bit Windows versions.

  • <path> is the path to the desired installation directory. If the INSTALLDIR variable is omitted, Tectia Server is installed to the default location.

The above command installs all features available in the Tectia Server installer, including Tectia Client. If you wish to install only Tectia Server, use the ADDLOCAL property as follows:

msiexec /q /i ssh-tectia-server-<version>-windows-<platform>.msi ADDLOCAL=tectia_server \
INSTALLDIR="<path>"

It is also possible to use the Tectia Server installer to install only Tectia Client:

msiexec /q /i ssh-tectia-server-<version>-windows-<platform>.msi ADDLOCAL=tectia_client \
INSTALLDIR="<path>"