SSH Tectia Graphic 2
TEctia® SSH client/server

The gold-standard in secure file transfer, remote access & tunneling 

Save time, guarantee business continuity and get peace of mind with the leading enterprise software for fast encrypted file transfers, application-to-application tunneling and secure remote access. Tectia is the proven market leader that combines enterprise-grade reliability, high performance and 24/7 support.

Get Server Trial Get Client trial



The gold-standard in secure file transfer and remote access from the inventors of the SSH protocol.


All flavors of Linux, Unix, Windows and IBM z/OS supported.


24/7 support and professional services ensure that help is just one phone call away.

Learn more about our global Tectia customer base

Tectia references


“Great toolset for file transfer that also non-technical personnel know how to use”

- Large European financial institution

How can Tectia help you protect your business?


Meet compliance standards

It’s not a coincidence that 4/5 of big banks and US Federal agencies use Tectia. Many regulations, such as PCI-DSS and FIPS 140-2 require strong encryption for compliance. This is why Tectia supports X.509 PKI authentication, uses FIPS 140-2 certified cryptography, and supports smartcards, including U.S. Federal Government Personal Identity Verification (PIV) and Common Access Cards (CAC).


Transfer files faster

With Tectia SSH, you can rapidly encrypt and stream high volume secure file transfers via SSH File Transfer Protocol (SFTP) and Secure copy protocol (SCP) command line tools. Tectia also comes with a checkpoint/restart mechanism for transferring very large files in case of interruptions.


Secure remote access made easy

Making remote connections with Tectia is easy for technical and non-technical users alike. For example, you can assign users to groups  with the option to select authentication methods or services as needed, transfer several files and entire directory structures at the same time, search files with a filter, or have multiple sessions to share the same authentication.


Protect 3rd party access

Tectia SSH Client and Server are fully interoperable with OpenSSH and standard SSHv2-compliant third-party implementations. You have the flexibility to stay secure with partners, subcontractors and consultants.


Integrate into heterogeneous environments

Tectia has secured interactive and automated connections for over 25 years. Its supported technologies range from legacy environments to modern hybrid environments including all flavors of Linux, Unix, and Windows and z/OS. This makes Tectia perfect for large-scale businesses and organizations around the globe.


We take responsibility

Our professional services team is always ready to help you succeed in large-scale deployments into multi-platform environments. We also offer 24/7 support for the most demanding customers around the globe.

Tectia SSH is developed and maintained fully in-house by a team of industry professionals. Tectia teams are well suited for environments where using open source is discouraged or outright prohibited.


Safeguard your M2M connections

When mission-critical data is in transit between machines, you need robust security around it. Tectia is the perfect solution for automated file transfers.


Secure tunneling for any connection

Encrypt and tunnel TCP connections regardless of the higher layer protocol (HTTP, FTP, LDAP, SQL, Modbus TCP, Ethernet IP, Profinet, etc). to safely pass through untrusted networks. Forward connections through intermediate servers without exposing target server credentials to the intermediate servers with agent forwarding.


Fully compatible with the SSH.COM Zero Trust portfolio

Tectia remote access connections can be made into Zero Trust compatible. A zero-trust connection eliminates permanent privileged access and unsecure superuser passwords, replacing them with just-in-time on-demand ephemeral certificates compatible with either X.509 or OpenSSH PKI. This will dramatically reduce the problems related to lost or compromised passwords, or unauthorized credentials.

Zero Trust Security


Evolve with your needs into Post Quantum Cryptography

We have a 25-year track record as innovators in encryption and are a leading player in mitigating the threat of quantum computing with post quantum cryptography (PQC) and quantum safe cryptography (QSC).

Learn more about why financial institutions should take the quantum threat seriously.

Quantum whitepaper

Financial Institutions with QSC

Why financial institutions should prepare for the quantum threat with quantum safe cryptography (QSC) and algorithms. Download the white paper.

Quantum whitepaper


Enjoy x.509 certificate based authentication with Tectia Zero Trust.

Tectia Zero Trust


Who is Tectia SSH Client/Server for?

Organizations that benefit most from secure file transfers and remote access with Tectia SSH Client/Server:

  • Need to comply with regulations, such as PCI-DSS or FIPS, like US Federal agencies, large financial institutions, retailers, insurance companies, etc.
  • Require standard-based protocol implementation to ensure interoperability
  • Have heterogenous server environments that are 10+ years old
  • Want to reduce their SSH deployment and maintenance costs
  • Need to secure critical M2M connections and remote access for 3rd parties
  • Require high availability and 24/7 support for their connections

Why choose Tectia SSH Client/Server over OpenSSH?


#1: Save on software management costs


  • Compiled and tested packages for all key platforms
  • Centralized distribution of updates throughout heterogeneous network
  • Consistent release cycle covering all separate platforms
  • No compatibility risks
  • No integration costs
  • No need for expensive in-house technology expertise


  • updates from multiple sources & patches separately for each platform => adds administrative costs
  • Release cycles and policies different for each source => multiplies maintenance
  • resolve interoperability and consistency between implementations
  • document all steps involved in deployment and maintenance
  • maintain expensive in-house technology expertise
  • working with OpenSSH source code creates extra costs


#2: Save on authentication integration costs


  • Tectia incorporates broad, tested and documented authentication integration
  • Developed in co-operation with enterprise customers
  • Minimizes in-house engineering and other integration costs


  • Developing authentication integration requires in-house: Requirement specification, development, testing, documentation and maintenance
  • Costly in-house project management and software engineering resources needed
  • Have to rely on 3rd-party patches with limited support



#3: Save on support and Helpdesk costs


  • Single point of contact for all Secure Shell related support requests
  • Extensive, consistent support packages available for all platforms


  • Multiple points of contact in Secure Shell related inquiries
  • Inconsistent support and maintenance policies between different platforms
  • Limited support for Unix bundled OpenSSH packages
  • No support for in-house OpenSSH compilations


#4: Eliminate other risks and concerns


  • In-house developed implementation – no IPR risks for customers
  • Extensive product roadmap developed and reviewed with customers
  • Enterprise-class feature set specifically created to address regulatory demand


  • IPR infringement risks
  • Uncertain future product roadmap
  • Risk of non-compliance

Main features

Compiled and tested packages for all key platforms

Saves systems administrators tasks of tracking and obtaining updates from multiple sources. Reduces test time as well.

Available long term support versions 

Stay with one version of Secure Shell across the enterprise, even as OS versions change.

Smooth integration with the Authentication, Authorization and Accounting (AAA) infrastructure

Support for multiple authentication systems: including X.509, SecurID, GSSAPI, CAC.

Interoperable, multi-platform

Tectia SSH Client and Server are fully interoperable with OpenSSH and standard SSHv2-compliant third-party implementations. No issues creating secure connectivity with business partners or within mixed environments.

SFTP features

  • Strong encryption
  • SFTP and SCP command line tools
  • Multi-gigabyte file size support
  • Streaming
  • Resume on re-transfer
  • Configurable compression

Application connectivity

  • Automatic application tunneling
  • Nested tunnel support
  • Automated connection set-up
  • Fully interoperable with OpenSSH
  • TCP/IP port forwarding
  • Multiplexing – multiple SSH sessions over a single TCP/IP connection


  • IETF Compliant
  • Configurable rekeying policies
  • GSSAPI/Kerberos support
  • OpenSSH key support
  • Third-party authentication support
  • FIPS-certified cryptographic module

Highlights of supported cryptographic algorithms

  • ECDSA, ED25519
  • HMAC (MD5, SHA-2)
  • Diffie-Hellman (SHA-2, Elliptic Curve)
  • Upcoming Quantum Ready algorithms

Zero Trust support

  • Ephemeral x.509 or OpenSSH PKI certificates

  • No permanent privileged access

  • Learn more about Tectia Zero Trust here.

Contact us for pricing and licenses

Talk to our friendly experts now about new licenses, renewals and support contacts.

Request pricing