TEctia® SSH client/server
Secure file transfer & remote access with the gold-standard solution
Save time, guarantee business continuity and get peace of mind with the leading enterprise software for fast encrypted file transfers and secure remote access. Tectia is the proven market leader that combines enterprise-grade reliability, high performance and 24/7 support.
How can Tectia help you protect your business?
Meet compliance standards
It’s not a coincidence that 4/5 of big banks and US Federal agencies use Tectia. Many regulations, such as PCI-DSS and FIPS 140-2 require strong encryption for compliance. This is why Tectia supports X.509 PKI authentication, uses FIPS 140-2 certified cryptography, and supports smartcards, including U.S. Federal Government Personal Identity Verification (PIV) and Common Access Cards (CAC).
Transfer files faster
With Tectia SSH, you can rapidly encrypt and stream high volume secure file transfers via SSH File Transfer Protocol (SFTP) and Secure copy protocol (SCP) command line tools. Tectia also comes with a checkpoint/restart mechanism for transferring very large files in case of interruptions.
Secure remote access made easy
Making remote connections with Tectia is easy for technical and non-technical users alike. For example, you can assign users to groups with the option to select authentication methods or services as needed, transfer several files and entire directory structures at the same time, search files with a filter, or have multiple sessions to share the same authentication.
Protect 3rd party access
Tectia SSH Client and Server are fully interoperable with OpenSSH and standard SSHv2-compliant third-party implementations. You have the flexibility to stay secure with partners, subcontractors and consultants.
Integrate into heterogeneous environments
Tectia has secured interactive and automated connections for over 25 years. Its supported technologies range from legacy environments to modern hybrid environments including all flavors of Linux, Unix, and Windows and z/OS. This makes Tectia perfect for large-scale businesses and organizations around the globe.
We take responsibility
Our professional services team is always ready to help you succeed in large-scale deployments into multi-platform environments. We also offer 24/7 support for the most demanding customers around the globe.
Tectia SSH is developed and maintained fully in-house by a team of industry professionals. Tectia teams are well suited for environments where using open source is discouraged or outright prohibited.
Safeguard your M2M connections
When mission-critical data is in transit between machines, you need robust security around it. Tectia is the perfect solution for automated file transfers.
Evolve with your needs into Post Quantum Cryptography
We have a 25-year track record as innovators in cyber security and encryption. SSH.COM is also a leading player in post quantum cryptography (PQC) which we develop together with other leading companies and authorities in Finland.
Fully compatible with SSH.COM Zero Trust infrastructure
Tectia remote access connections can be made into Zero Trust compatible. A zero-trust connection eliminates permanent privileged access and unsecure superuser passwords, replacing them with just-in-time on-demand ephemeral certificates compatible with either X.509 or OpenSSH PKI. This will dramatically reduce the problems related to lost or compromised passwords, or unauthorized credentials.
Secure tunneling for any connection
Any TCP connection can be securely tunneled regardless of the higher layer protocol (HTTP, FTP, LDAP, SQL, Modbus TCP, Ethernet IP, Profinet, etc). A tunneled connection is an encrypted SSH connection that can safely pass through untrusted networks. In addition, agent forwarding will allow forwarding connections through intermediate servers without exposing target server credentials to the intermediate servers.
Who is Tectia SSH Client/Server for?
Organizations that benefit most from secure file transfers and remote access with Tectia SSH Client/Server:
- Need to comply with regulations, such as PCI-DSS or FIPS, like US Federal agencies, large financial institutions, retailers, insurance companies, etc.
- Require standard-based protocol implementation to ensure interoperability
- Have heterogenous server environments that are 10+ years old
- Want to reduce their SSH deployment and maintenance costs
- Need to secure critical M2M connections and remote access for 3rd parties
- Require high availability and 24/7 support for their connections
Why choose Tectia SSH Client/Server over OpenSSH?
#1: Save on software management costs
- Compiled and tested packages for all key platforms
- Centralized distribution of updates throughout heterogeneous network
- Consistent release cycle covering all separate platforms
- No compatibility risks
- No integration costs
- No need for expensive in-house technology expertise
- updates from multiple sources & patches separately for each platform => adds administrative costs
- Release cycles and policies different for each source => multiplies maintenance
- resolve interoperability and consistency between implementations
- document all steps involved in deployment and maintenance
- maintain expensive in-house technology expertise
- working with OpenSSH source code creates extra costs
#2: Save on authentication integration costs
- Tectia incorporates broad, tested and documented authentication integration
- Developed in co-operation with enterprise customers
- Minimizes in-house engineering and other integration costs
- Developing authentication integration requires in-house: Requirement specification, development, testing, documentation and maintenance
- Costly in-house project management and software engineering resources needed
- Have to rely on 3rd-party patches with limited support
#3: Save on support and Helpdesk costs
- Single point of contact for all Secure Shell related support requests
- Extensive, consistent support packages available for all platforms
- Multiple points of contact in Secure Shell related inquiries
- Inconsistent support and maintenance policies between different platforms
- Limited support for Unix bundled OpenSSH packages
- No support for in-house OpenSSH compilations
Compiled and tested packages for all key platforms
Saves systems administrators tasks of tracking and obtaining updates from multiple sources. Reduces test time as well.
Available long term support versions
Stay with one version of Secure Shell across the enterprise, even as OS versions change.
Smooth integration with the Authentication, Authorization and Accounting (AAA) infrastructure
Support for multiple authentication systems: including X.509, SecurID, GSSAPI, CAC.
Tectia SSH Client and Server are fully interoperable with OpenSSH and standard SSHv2-compliant third-party implementations. No issues creating secure connectivity with business partners or within mixed environments.
- Strong encryption
- SFTP and SCP command line tools
- Multi-gigabyte file size support
- Resume on re-transfer
- Configurable compression
- Automatic application tunneling
- Nested tunnel support
- Automated connection set-up
- Fully interoperable with OpenSSH
- TCP/IP port forwarding
- Multiplexing – multiple SSH sessions over a single TCP/IP connection
- IETF Compliant
- Configurable rekeying policies
- GSSAPI/Kerberos support
- OpenSSH key support
- Third-party authentication support
- FIPS-certified cryptographic module
Highlights of supported cryptographic algorithms
- ECDSA, ED25519
- AES, AES-GCM
- HMAC (MD5, SHA-2)
- Diffie-Hellman (SHA-2, Elliptic Curve)
- Upcoming Quantum Ready algorithms