SSH Tectia

Installing on Solaris

SSH Tectia Server is available for Sun Solaris on the SPARC architecture.

SSH Tectia Server includes support for Entrust certificates on Solaris 7 and 8. The necessary libraries are automatically included in the installation.

On the CD-ROM, the installation packages for Solaris are located in the /install/solaris/ directory. Two packages are required: one for the common components of SSH Tectia Client and Server, and another for the specific components of SSH Tectia Server.

To install SSH Tectia Server on Solaris, follow the instructions below:

  1. Select the installation package according to your Sun Solaris version.

    When installing on Solaris versions 2.6 - 7, select the following packages:

    $ uncompress ssh-tectia-common-<ver>-sparc-solaris2.6-7.pkg.Z
    $ uncompress ssh-tectia-server-<ver>-sparc-solaris2.6-7.pkg.Z
    

    When installing on Solaris versions 8 - 10, select the following package:

    $ uncompress ssh-tectia-common-<ver>-sparc-solaris8-10.pkg.Z
    $ uncompress ssh-tectia-server-<ver>-sparc-solaris8-10.pkg.Z
    
    [Note]Note

    In the examples below, we assume that you are installing on Solaris version 8, 9 or 10.

  2. Unpack the installation packages to a suitable place. The standard place is /var/spool/pkg in a Solaris environment.

    $ uncompress ssh-tectia-common-<ver>-sparc-solaris8-10.pkg.Z
    $ uncompress ssh-tectia-server-<ver>-sparc-solaris8-10.pkg.Z
    

    In the command, <ver> is the current package version of SSH Tectia Server (for example, 5.2.0.120).

  3. (Not necessary in "third-digit" maintenance updates.) Copy the license file to the /etc/ssh2/licenses directory. See Licensing.

    If this is the initial installation of SSH Tectia Server 5.x, the directory does not yet exist. You can either create it manually or copy the license after the installation. In the latter case, you have to start the server manually after copying the license file.

  4. Then install the packages with the pkgadd tool with root privileges:

    # pkgadd -d ssh-tectia-common-<ver>-sparc-solaris8-10.pkg all
    # pkgadd -d ssh-tectia-server-<ver>-sparc-solaris8-10.pkg all
    

    The server host key is generated during the installation. Key generation may take several minutes on slow machines.

  5. The installation should (re)start the server automatically.

    If the server does not start (because of a missing license, for example), you can start it after correcting the problem by issuing the command:

    # /etc/init.d/ssh-server-g3 start
[Note]Note

On Solaris 8 and 9, the default limit for open files per process is set to 256, but it is too low for SSH Tectia Server that will receive lots of connections. The servant may run out of file descriptors causing the connections to fail.

It is recommended to raise the maximum open files limit; 8192 should be sufficient in most cases. How much the maximum open files limit must be raised depends on the server load and the number of servants running.

You can set the maximum open files limit to 8192 as follows:

  • Before starting the ssh-server-g3, run this command in shell:

    # ulimit -n 8192 

The default limit set for open files varies between operating system versions. Refer to the instructions of your operating system for more information.