SSH Tectia® Client 5.2

User Manual

SSH Communications Security Corp.

Copyright © 1995–2007 SSH Communications Security Corp.

This software is protected by international copyright laws. All rights reserved. ssh® and Tectia® are registered trademarks of SSH Communications Security Corp in the United States and in certain other jurisdictions. The SSH and Tectia logos are trademarks of SSH Communications Security Corp and may be registered in certain jurisdictions. All other names and marks are property of their respective owners.

No part of this publication may be reproduced, published, stored in an electronic database, or transmitted, in any form or by any means, electronic, mechanical, recording, or otherwise, for any purpose, without the prior written permission of SSH Communications Security Corp.

THERE IS NO WARRANTY OF ANY KIND FOR THE ACCURACY OR USEFULNESS OF THIS INFORMATION EXCEPT AS REQUIRED BY APPLICABLE LAW OR EXPRESSLY AGREED IN WRITING.

This Software contains portions of XFree86 software and the delivery of XFree86 software or portions of the said software is subject to the acknowlegement of the following copyright notice and permission notice of The Open Group:

Copyright © 1988, 1998 The Open Group

Permission to use, copy, modify, distribute, and sell XFree86 software and its documentation for any purpose is hereby granted without fee, provided that the above copyright notice appear in all copies and that both the copyright notice and this permission notice appear in supporting documentation.

THE XFREE86 SOFTWARE IS PROVIDE "AS IS" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE XFREE86 SOFTWARE OR THE USE OR OTHER DEALINGS IN THE XFREE86 SOFTWARE.

Except as contained in this notice, the name of The Open Group shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization from The Open Group.

8 June 2007

Table of Contents

1. About This Document

Documentation Conventions
Customer Support
Component Terminology

2. Installing SSH Tectia Client

Planning the Installation

System Requirements
Packaging
Licensing
Upgrading from Version 4.x to 5.x
Upgrading from 5.x Version

Installing the SSH Tectia Client Software

Installing on AIX
Installing on HP-UX
Installing on Linux
Installing on Solaris
Installing on Windows

Removing the SSH Tectia Client Software

Removing from AIX
Removing from HP-UX
Removing from Linux
Removing from Solaris
Removing from Windows

3. Getting Started

Product Components

Location of SSH Tectia Client Files

File Locations on Unix
File Locations on Windows

SSH Tectia Status Dialog Box (Windows)

Connections View
Keys View
Logs View

Connecting to a Remote Host

Using the GUI Client (Windows)
Using the Command-Line Client

Using Public-Key Authentication

Examples of Use

4. Configuring Connection Broker

ssh-broker-config - SSH Connection Broker configuration file format

SSH Tectia Configuration Tool (Windows)

Defining General Settings
Defining Default Settings
Defining Proxy Rules
Defining Logging Settings
Defining Connection Profiles
Defining User Authentication
Defining Server Authentication
Defining SSH Tectia Connector Settings (SSH Tectia Connector)
Defining FTP-SFTP Conversion Rules (SSH Tectia Client with EFT Expansion Pack)
Defining Static Tunnels

5. Configuring SSH Tectia Client GUI (Windows)

Defining Global Settings

Defining the Appearance
Selecting the Font and Terminal Window Size
Selecting Colors
Defining Messages
Defining File Transfer Settings
Defining Advanced File Transfer Options
Defining File Transfer Mode
Defining Local Favorites
Defining Security Settings
Printing

Using Command-Line Options

Customizing the User Interface

Saving Settings
Loading Settings
Customize Dialog
Customizing Toolbars

6. Authentication

Server Authentication with Public Keys

Host Key Storage Formats
Using the System-Wide Host Key Storage
Using the OpenSSH known_hosts File

Server Authentication with Certificates

Using the Configuration File (Unix)
Using the GUI (Windows)

User Authentication with Passwords

Using the Configuration File (Unix)
Using the GUI (Windows)

User Authentication with Public Keys

Creating Keys with ssh-keygen-g3
Uploading the Public Key Manually
Creating Keys with the Key Generation Wizard (Windows)
Uploading the Public Key Automatically (Windows)
Using Keys Generated with OpenSSH
Special Considerations with Windows Servers

User Authentication with Certificates

Using the Configuration File (Unix)
Using the GUI (Windows)

Host-Based User Authentication (Unix)

User Authentication with Keyboard-Interactive

Using the Configuration File (Unix)
Using the GUI (Windows)

User Authentication with GSSAPI

Using the Configuration File (Unix)
Using the GUI (Windows)

7. Transferring Files

File Transfer with the Command-Line Client

Using scpg3
Using sftpg3

File Transfer with the File Transfer GUI (Windows)

Defining File Transfer Settings
Downloading Files with the File Transfer GUI
Uploading Files with the File Transfer GUI
Defining File Properties
Differences from Windows Explorer

FTP-SFTP Conversion (EFT Expansion Pack)

Enabling FTP-SFTP Conversion (Windows)
Enabling FTP-SFTP Conversion (Unix)
Enabling Direct MVS Dataset Access (z/OS)

Enhanced File Transfer (EFT Expansion Pack)

FTP Tunneling

8. Tunneling

Local Tunnels

Dynamic Tunneling
Transparent Tunneling with SSH Tectia Connector

Remote Tunnels

FTP Tunneling

X11 Forwarding

Agent Forwarding

9. Troubleshooting SSH Tectia Client

Starting Connection Broker in Debug Mode

Common problems

Troubleshooting GSSAPI Authentication
Password Window Loses Focus

A. Command-Line Tools

ssh-broker-g3 - SSH Connection Broker - Generation 3
sshg3 - Secure Shell terminal client - Generation 3
scpg3 - Secure Shell file copy client - Generation 3
sftpg3 - Secure Shell file transfer client - Generation 3
ssh-convert-ftp (EFT Expansion Pack on Unix) - Convert unsecured FTP connections to secured SFTP
ssh-keygen-g3 - authentication key pair generator
ssh-cmpclient-g3 - CMP enrollment client
ssh-certview-g3 - certificate viewer
ssh-ekview-g3 - external key viewer

B. Egrep Syntax

Egrep Patterns
Escaped Tokens for Regex Syntax Egrep
Character Sets For Egrep

C. GUI Reference

Terminal Window

Terminal Window Title Bar
Terminal Window Status Bar
Terminal Window Shortcut Menu

File Transfer Window

File Transfer Window Title Bar
File Transfer Window Menu Bar
File Transfer Window Toolbars
File Transfer Window Status Bar
Local View
Local Folder View
Remote View
Remote Folder View
Transfer View
Navigating in the File Transfer Window
File Transfer Shortcut Menus

Toolbar Reference

Basic Toolbar
File Transfer Window, Toolbar Buttons
Profiles Bar
File Transfer Window, File Bar

Menu Reference

File Menu
Edit Menu
Terminal Window, View Menu
File Transfer Window, View Menu
File Transfer Window, Operation Menu
Window Menu
Help Menu

D. Broker Configuration File Syntax

E. Man Pages and Help Files

F. Audit Messages