Your browser does not allow storing cookies. We recommend enabling them.

SSH

Starting Connection Broker in Debug Mode

The Connection Broker is an internal component included in Tectia Client and Tectia ConnectSecure. The Connection Broker handles all cryptographic operations and authentication-related tasks for Tectia Client, ConnectSecure, and the command-line tools sshg3, scpg3, sftpg3.

To start the Connection Broker in debug mode, follow these instructions:

  1. Open a shell (on Unix) or command prompt window (on Windows).

  2. Stop the Connection Broker, if it is currently running. Enter the following command to exit the Connection Broker. This will close all currently open connections of the current user:

    $ ssh-broker-g3 --exit
  3. Start the Connection Broker in debug mode by running the following command:

    $ ssh-broker-g3 -D<filter> -l <logfile>

    In the command:

    • logfile specifies the file to which the debug output will be directed

    • filter is an expression that takes the following syntax: "module=level,module=level,..."

    • module is an optional expression that can be used to restrict the debug output to only a particular module or to allow the use of varying debug levels for different modules.

    • level is an integer from 0 (no debug info) to 99 that specifies the desired amount of debug information.

      Note that levels 1-9 are the recommended ones. The higher the number, the more detailed the troubleshooting output will be, and the more the debugging will affect performance.

    The following example command starts the Connection Broker with global debug level 4 and outputs the debug information to a log file named broker.log:

    $ ssh-broker-g3 -D4 -l broker.log

    The following example command starts the Connection Broker with debug level 5 for modules starting with "SecShAuth" and level 2 for everything else:

    $ ssh-broker-g3 -D"SecShAuth*=5,2" -l broker.log
  4. Connect to a server using one of the clients:

    $ sshg3 user@host
  5. View the debug information for the connection in the broker.log file.

On Unix, you can display the debug output also by using the command line tools with argument -D. For example, the following command will display the debug output with a debug level 5 for modules starting with SecShAuth and level 2 for modules starting with Sft:

$ sftpg3 -D"SecShAuth*=5,Sft*=2" user@host


 

 
Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more