SSH Tectia

Index

Symbols

$HOME, Directory Paths
%APPDATA%, Directory Paths
%USERPROFILE%, Directory Paths
<INSTALLDIR>, Directory Paths

A

access rules, Using Selectors in Configuration File, Defining Access Rules Using Selectors (Advanced Mode)
Active Directory, Editing Selectors
address
listen, The params Block, Network
administrators, Disabling Root Login (Unix)
advanced GUI mode, SSH Tectia Server
agent forwarding, Agent Forwarding (Unix)
AIX
installation, Installing on AIX
uninstallation, Removing from AIX
AIX LAM, The authentication-methods Block
allowed hosts, Restricting Connections
allowing commands, The services Block, Commands
allowing subsystems, The services Block, Subsystems
allowing terminal access, The services Block, Basic
allowing tunneling, The services Block, Local Tunnels, Remote Tunnels
APPDATA, Directory Paths
application tunneling, Tunneling
audit message reference, Audit Messages
audit messages, SFTP
auditing, Auditing
logins, Auditing with Solaris BSM
authentication, Authentication, Authentication
certificate, Server Authentication with Certificates, User Authentication with Certificates, Configuring Certificates
GSSAPI, User Authentication with GSSAPI
host-based, Host-Based User Authentication
host-based with certificates, Using Certificates
Kerberos, User Authentication with GSSAPI, Forwarding User Authentication to a Kerberos Realm
keyboard-interactive, User Authentication with Keyboard-Interactive, Pluggable Authentication Module (PAM) Submethod, RSA SecurID Submethod, RADIUS Submethod, LAM Submethod on AIX
LAM, User Authentication with Keyboard-Interactive, LAM Submethod on AIX
PAM, User Authentication with Keyboard-Interactive, Pluggable Authentication Module (PAM) Submethod
password, User Authentication with Passwords, User Authentication with Keyboard-Interactive
public-key, Server Authentication with Public Keys, User Authentication with Public Keys, Agent Forwarding (Unix)
RADIUS, User Authentication with Keyboard-Interactive, RADIUS Submethod
SecurID, User Authentication with Keyboard-Interactive, RSA SecurID Submethod
authentication chain, The authentication-methods Block, Configuring User Authentication Chains
authentication forwarding, Forwarding User Authentication, Agent Forwarding (Unix)
authentication methods, The authentication-methods Block, Parameters, Authentication
authority info access, Server Authentication with Certificates, User Authentication with Certificates
authorization file, The authentication-methods Block, Parameters, Using the Authorization File, Files, Authorization File Options
authorized_keys directory, The authentication-methods Block, Parameters, User Authentication with Public Keys, Files
authorized_keys file, Using Keys Generated with OpenSSH, Files
automated file transfer, Automated File Transfer Script

C

CA certificate, The params Block, Certificate Validation, Configuring Certificates
certificate
enrolling, Certificate Enrollment Using ssh-cmpclient-g3
revoked, Server Authentication with Certificates
certificate authentication
server, The params Block, Identity, Server Authentication with Certificates
user, The params Block, Certificate Validation, User Authentication with Certificates, Configuring Certificates
certificate cache file, The params Block, Certificate Validation
certificate revocation list (CRL), The params Block, Certificate Validation, Server Authentication with Certificates, User Authentication with Certificates
certificate validation, The params Block, Certificate Validation
certificate viewer, ssh-certview-g3
certificates in host-based authentication, Using Certificates
certification
FIPS 140-2, The params Block, General
certification authority (CA), The params Block, Certificate Validation, Server Authentication with Certificates
changing host key, Notifying the Users of Host Key Changes
channel, Tunneling
chroot, Special Considerations on Windows
chrooting, Chrooting (Unix), Chrooting SFTP
ciphers, The connections Block, Parameters
CMP client, ssh-cmpclient-g3
command-line tools, Command-Line Tools and Man Pages
commands, The services Block, Commands
configuration
in multiple files, Dividing the Configuration into Several Files
configuration file
divided, Dividing the Configuration into Several Files
server, Files Related to SSH Tectia Server, Configuration File for SSH Tectia Server, ssh-server-config
syntax, Server Configuration File Syntax
configuring
RSA Agent, Configuring RSA Authentication Agent for PAM
selectors, Using Selectors in Configuration File
server, Configuring SSH Tectia Server
connection rules, The connections Block, Connections and Encryption
connections
maximum number, The params Block, General
CRL
disabling, The params Block, Certificate Validation
CRL auto update, The params Block, Certificate Validation
CRL distribution point, Server Authentication with Certificates, User Authentication with Certificates
CRL prefetch, The params Block, Certificate Validation
CryptiCore, Enabling CryptiCore
cryptographic library, The params Block, General
customer support, Customer Support

D

debug log, SSH Tectia Server
debugging
on Unix, Starting SSH Tectia Server in Debug Mode on Unix
on Windows, Starting SSH Tectia Server in Debug Mode on Windows
default port, The params Block, Network
default settings, SSH Tectia Server
default-path, The params Block
denying commands, The services Block, Commands, Disabling Remote Commands
denying connection attempts, Restricting Connections
denying file transfers, Disabling File Transfers
denying subsystems, The services Block, Subsystems
denying terminal access, The services Block, Basic, Disabling Terminal Access , Disabling Terminal Access
denying tunneling, The services Block, Local Tunnels, Remote Tunnels, Disabling Tunneling
Diffie-Hellman key exchange, Server Authentication with Certificates
directory
profile, Special Considerations on Windows
root, Special Considerations on Windows
virtual, SFTP, Defining SFTP Virtual Folders (Windows)
disabling CRL, The params Block, Certificate Validation
disclaimer before login, Notification
disk space requirement, Hardware and Disk Space Requirements
Document Type Definition (DTD), Server Configuration File Syntax
documentation, About This Document
documentation conventions, Documentation Conventions
DoD PKI, The params Block, Certificate Validation
domain controller, User Logon Rights on Windows
domain policy, Domain Policy
domain user account, User Logon Rights on Windows, Special Considerations on Windows
domain-policy, The params Block
downloading software, Downloading SSH Tectia Releases
DSA key
private, Identity
public, Identity
DSA key pair, Server Authentication with Public Keys

I

IAS, RADIUS Submethod
IBM AIX, Installing on AIX
identity, Identity
ignore-nisplus-no-permission, The params Block
ignoring AIX login restriction, The params Block
ignoring AIX rlogin restriction, The params Block
installation
planning, Preparing for Installation
silent, Silent Installation
upgrading, Upgrading Previously Installed SSH Tectia Server Software
installation packages, Installation Packages
INSTALLDIR, Directory Paths
installed files, Files Related to SSH Tectia Server
installing
on AIX, Installing on AIX
on HP-UX, Installing on HP-UX
on Linux, Installing on Linux
on Linux on IBM System z, Installing on Linux on IBM System z
on Solaris, Installing on Solaris
on VMware ESX, Installing on VMware ESX
on Windows, Installing on Windows
installing on HP-UX, Installing on HP-UX
interactive forced commands, The services Block, Commands
Internet Authentication Service (IAS), RADIUS Submethod
invalid
host key permissions, Invalid Host Key Permissions on Windows

M

MACs, The connections Block, Parameters
maintenance release, Downloading SSH Tectia Releases
man pages, Command-Line Tools and Man Pages
man-in-the-middle attack, Notifying the Users of Host Key Changes, Server Authentication with Certificates
maximum number of connections, The params Block, General
maximum number of processes, The params Block, General
message before login, Notification
message of the day (MOTD), The services Block
Microsoft IAS, RADIUS Submethod
Microsoft Windows, Installing on Windows
MSI package, Installing on Windows
multiple configuration files, Dividing the Configuration into Several Files
multiple host keys, Server Authentication with Public Keys

N

network access server (NAS), The authentication-methods Block, RADIUS Submethod
Network Address Translation (NAT), Server Configuration
network interface binding, Restricting Connections
network interface card, Network
network settings, Network
non-interactive installation, Silent Installation

P

PAM authentication, The authentication-methods Block, User Authentication with Keyboard-Interactive, Pluggable Authentication Module (PAM) Submethod
with LDAP, PAM Used with LDAP on Red Hat Linux
pam-account-checking-only, The params Block
password authentication, The authentication-methods Block, Parameters, Keyboard-Interactive Submethods, User Authentication with Passwords, User Logon Rights on Windows, User Authentication with Keyboard-Interactive
PEM encoding, Options
Personal Information Exchange (PFX), Identity
PKCS #7 package, Configuring Certificates
planning the installation, Preparing for Installation
Pluggable Authentication Module (PAM), User Authentication with Keyboard-Interactive, Pluggable Authentication Module (PAM) Submethod
pluggable-authentication-modules, The params Block
port forwarding, Tunneling
local, Local Tunnels
remote, Remote Tunnels
restricting, Tunneling
port number
default, The params Block, Network
private key
DSA, Identity
host, The params Block, Identity, Server Authentication with Public Keys, Certificate Enrollment Using ssh-cmpclient-g3
privileged users, Disabling Root Login (Unix)
problem situations, Solving Problem Situations
processes
maximum number, The params Block, General
profile directory, Special Considerations on Windows
proxy scheme, The params Block
proxy server, Configuring Certificates
proxy settings, Proxy Rules
public key
host, The params Block, Identity
user, User Logon Rights on Windows
public-key authentication, Parameters
server, The params Block, Identity, Server Authentication with Public Keys
user, The authentication-methods Block, User Authentication with Public Keys, Agent Forwarding (Unix)

Q

quiet-login, The params Block

R

RADIUS authentication, The authentication-methods Block, Keyboard-Interactive Submethods, User Authentication with Keyboard-Interactive, RADIUS Submethod
random_seed file, Files
recording ptyless sessions, The params Block
Red Hat Linux, Installing on Linux , Installing on Linux on IBM System z
registry keys, Registry Keys on Windows
rekeying interval, The connections Block, Parameters
related documents, About This Document
remote administration, System Administration
remote port forwarding, Remote Tunnels
remote tunnel, Tunneling, Remote Tunnels
removing
from AIX, Removing from AIX
from HP-UX, Removing from HP-UX
from Linux, Removing from Linux
from Linux on IBM System z, Removing from Linux on IBM System z
from Solaris, Removing from Solaris
from VMware ESX, Removing from VMware ESX
from Windows, Removing from Windows
old versions, Upgrading Previously Installed SSH Tectia Server Software
reporting failed logins, Reporting User Login Failures
requirements
for disk space, Hardware and Disk Space Requirements
for hardware, Hardware and Disk Space Requirements
for upgrading, Upgrading Previously Installed SSH Tectia Server Software
resolve client hostname, General
resolve-client-hostname, The params Block
restoring default settings, SSH Tectia Server
restricting services, The services Block, Services, Restricting Services, Restricting Services
restricting tunneling, The services Block, Local Tunnels, Remote Tunnels, Tunneling, Restricting Services
revoked certificate, Server Authentication with Certificates
RFC 4253, Options
RFC 4716, Options
rights
log on locally, User Logon Rights on Windows
root directory, Special Considerations on Windows
RPM packages, Installing on Linux , Installing on Linux on IBM System z
RSA Authentication Agent, RSA SecurID Submethod
RSA Authentication Server, RSA SecurID Submethod
RSA key
private, Identity
public, Identity
RSA key pair, Server Authentication with Public Keys
RSA SecurID, RSA SecurID Submethod

S

SCEP client, ssh-scepclient-g3
secure application connectivity, Tunneling
secure file transfer, File Transfer
Secure File Transfer Protocol (SFTP), Special Considerations on Windows
Secure Shell server
starting, Starting and Stopping the Server
stopping, Starting and Stopping the Server
secure system administration, System Administration
SecurID authentication, The authentication-methods Block, Keyboard-Interactive Submethods, User Authentication with Keyboard-Interactive, RSA SecurID Submethod
selector
administrator, Editing Selectors
blackboard, The authentication-methods Block
certificate, The authentication-methods Block, Editing Selectors
host certificate, The authentication-methods Block, Editing Selectors
interface, The connections Block, The authentication-methods Block, Editing Selectors
IP, The connections Block, The authentication-methods Block, Editing Selectors
public key passed, The authentication-methods Block, Editing Selectors
user, The authentication-methods Block, Editing Selectors
user group, The authentication-methods Block, Editing Selectors
user password change needed, The authentication-methods Block
user privileged, The authentication-methods Block, Editing Selectors
selector handling rules, Selector Processing
selectors, Using Selectors in Configuration File, Defining Access Rules Using Selectors (Advanced Mode)
server
starting, Starting and Stopping the Server
stopping, Starting and Stopping the Server
server authentication methods, The params Block, Identity, Authentication
server authentication with certificates, Server Authentication with Certificates
server authentication with external key, Server Authentication using External Host Keys
server authentication with public key, Server Authentication with Public Keys
server banner message, Notification
server certificate, The params Block, Identity, Server Authentication with Certificates
server configuration, Configuring SSH Tectia Server
server configuration file, Files Related to SSH Tectia Server, Configuration File for SSH Tectia Server, ssh-server-config
server host key, Files Related to SSH Tectia Server
server settings, SSH Tectia Server
server status, SSH Tectia Server
services
restricting, The services Block, Services, Restricting Services, Restricting Services
set-blackboard
element, The authentication-methods Block
set-user
element, The authentication-methods Block
setting users to a group, The authentication-methods Block, The services Block, Selectors (Advanced Mode), Services
settings
default, SSH Tectia Server
SFTP
audit messages, The services Block, SFTP
SFTP subsystem, Enabling the SFTP Subsystem
SFTP virtual folders, SFTP, Defining SFTP Virtual Folders (Windows)
shared user account, Using a Shared Account
shell access, Disabling Root Login (Unix)
silent installation, Silent Installation
simple GUI mode, SSH Tectia Server
socket, Network
SOCKS server URL, The params Block, Certificate Validation
Solaris
BSM, Auditing with Solaris BSM
installation, Installing on Solaris
uninstallation, Removing from Solaris
SSH Tectia Client, Component Terminology
SSH Tectia ConnectSecure, Component Terminology
SSH Tectia MFT Events, Component Terminology
SSH Tectia Server, Component Terminology
starting, Starting and Stopping the Server
stopping, Starting and Stopping the Server
SSH Tectia Server Configuration tool, Configuration Tool
SSH Tectia Server for IBM z/OS, Component Terminology
SSH Tectia Server for Linux on IBM System z, Component Terminology
ssh-certview-g3, ssh-certview-g3
ssh-cmpclient-g3, ssh-cmpclient-g3
ssh-ekview-g3, ssh-ekview-g3
ssh-keyfetch, ssh-keyfetch
ssh-keygen-g3, Generating the Host Key, ssh-keygen-g3
ssh-scepclient-g3, ssh-scepclient-g3
ssh-server-config-tool, ssh-server-config-tool
ssh-server-config.xml, Files Related to SSH Tectia Server, Configuration File for SSH Tectia Server, ssh-server-config
ssh-server-ctl, ssh-server-ctl
commands, Commands
ssh-server-g3, ssh-server-g3
ssh-troubleshoot, Collecting System Information for Troubleshooting, ssh-troubleshoot
commands, Commands
starting the server, Starting and Stopping the Server
status, SSH Tectia Server
stopping the server, Starting and Stopping the Server
subsystems, The services Block, Subsystems
denying audit messages, The services Block
executing directly, The services Block
Sun Solaris, Installing on Solaris
support, Customer Support
supported platforms, System Requirements
SUSE LINUX, Installing on Linux , Installing on Linux on IBM System z
system audit
on Solaris, Auditing with Solaris BSM
system configuration, Configuring SSH Tectia Server
system log, The params Block, SSH Tectia Server, Logging, Auditing
system requirements, System Requirements

U

uninstalling
from AIX, Removing from AIX
from HP-UX, Removing from HP-UX
from Linux, Removing from Linux
from Linux on IBM System z, Removing from Linux on IBM System z
from Solaris, Removing from Solaris
from VMware ESX, Removing from VMware ESX
from Windows, Removing from Windows
upgrading, Upgrading Previously Installed SSH Tectia Server Software
use cases, Getting Started
user account
domain, User Logon Rights on Windows, Special Considerations on Windows
local, User Logon Rights on Windows
shared, Using a Shared Account
user authentication based on host, Host-Based User Authentication, Using Certificates
user authentication chain, Configuring User Authentication Chains
user authentication forwarding, Forwarding User Authentication, Agent Forwarding (Unix)
user authentication methods, The authentication-methods Block, Authentication, Authentication
user authentication with certificates, User Authentication with Certificates, Configuring Certificates
user authentication with GSSAPI, User Authentication with GSSAPI
user authentication with keyboard-interactive, User Authentication with Keyboard-Interactive
user authentication with password, User Authentication with Passwords
user authentication with public key, User Authentication with Public Keys
user configuration directory, The params Block, General
user group, User Logon Rights on Windows
user home directory, SFTP, Defining SFTP Virtual Folders (Windows)
User Manager, User Logon Rights on Windows
user name
domain policy settings, Domain Policy
user name handling on Windows, User Name Handling on Windows
user profile directory, Special Considerations on Windows
USERPROFILE, Directory Paths

V

viewing event log, SSH Tectia Server
viewing troubleshooting log, SSH Tectia Server
virtual directories, SFTP
virtual folders, Defining SFTP Virtual Folders (Windows)
VMware ESX
installation, Installing on VMware ESX
VMWare ESX
uninstallation, Removing from VMware ESX

W

well-known port, Tunneling
Windows
Event Log, SSH Tectia Server, Logging, Auditing
installation, Installing on Windows
password, User Authentication with Passwords, User Logon Rights on Windows
registry keys, Registry Keys on Windows
uninstallation, Removing from Windows
user group, User Logon Rights on Windows
user name, User Name Handling on Windows
Windows logon type, General
Windows terminal mode, General
Windows User Manager, User Logon Rights on Windows
windows-domain-precedence, The params Block
windows-logon-type, The params Block
windows-terminal-mode, The params Block

X

X.509 certificate, Certificate Enrollment Using ssh-cmpclient-g3, Configuring Certificates
X11
listener address, X11 Forwarding (Unix)
X11 forwarding, X11 Forwarding (Unix)
x11-listen-address, The params Block, X11 Forwarding (Unix)
XAuth path, The params Block
XML attribute
allow-missing, The connections Block, The authentication-methods Block
allow-ticket-forwarding, The authentication-methods Block
allow-undefined, Selectors and Undefined Data
authorization-file, The authentication-methods Block
authorized-keys-directory, The authentication-methods Block
chroot, The services Block
client-nas-identifier, The authentication-methods Block
default-path, The params Block
dir-mask-bits, The authentication-methods Block
disable-authorization, The authentication-methods Block
disable-crls, The params Block
dll-path, The authentication-methods Block
enable-password-change, The authentication-methods Block
failure-delay, The authentication-methods Block
http-proxy-url, The params Block
idle-timeout, The services Block
ignore-aix-login, The params Block
ignore-aix-rlogin, The params Block
ignore-nisplus-no-permission, The params Block
login-grace-time, The authentication-methods Block
mask-bits, The authentication-methods Block
max-connections, The params Block
max-processes, The params Block
max-tries, The authentication-methods Block
openssh-authorized-keys-file, The authentication-methods Block
pam-account-checking-only, The params Block
print-motd, The services Block
proxy-scheme, The params Block
quiet-login, The params Block
record-ptyless-sessions, The params Block
require-dns-match, The authentication-methods Block
resolve-client-hostname, The params Block
service-name, The authentication-methods Block
set-group, The authentication-methods Block
socks-server-url, The params Block
tcp-keepalive, The connections Block
use-expired-crls, The params Block
user-config-dir, The params Block
windows-logon-type, The params Block
windows-terminal-mode, The params Block
x11-listen-address, The params Block
xauth-path, The params Block
XML DTD, ssh-server-config, Server Configuration File Syntax
XML element, ssh-server-config
attribute, The services Block
attribute umask, The services Block
auth-file-modes, The authentication-methods Block, Enabling Public-Key Authentication
auth-gssapi, The authentication-methods Block
auth-hostbased, The authentication-methods Block
auth-keyboard-interactive, The authentication-methods Block
auth-password, The authentication-methods Block
auth-publickey, The authentication-methods Block
authentication, The authentication-methods Block
authentication-methods, The authentication-methods Block
banner-message, The authentication-methods Block
ca-certificate, The params Block
cert-cache-file, The params Block
cert-validation, The params Block
cipher, The connections Block
command, The services Block
connection, The connections Block
connections, The connections Block
crl-auto-update, The params Block
crl-prefetch, The params Block
crypto-lib, The params Block
dod-pki, The params Block
environment, The services Block
externalkey, The params Block
group, The services Block
hostkey, The params Block
ldap-server, The params Block
limits, The params Block
listener, The params Block
log-events, The params Block
logging, The params Block
mac, The connections Block
ocsp-responder, The params Block
params, The params Block
pluggable-authentication-modules, The params Block
private, The params Block
protocol-parameters, The params Block
public, The params Block
radius-server, The authentication-methods Block
radius-shared-secret, The authentication-methods Block
rekey, The connections Block
rule, The services Block
selector, The connections Block, The authentication-methods Block, The services Block
selector/blackboard, The authentication-methods Block
selector/certificate, The authentication-methods Block
selector/host-certificate, The authentication-methods Block
selector/interface, The connections Block, The authentication-methods Block
selector/ip, The connections Block, The authentication-methods Block
selector/publickey-passed, The authentication-methods Block
selector/user, The authentication-methods Block
selector/user-group, The authentication-methods Block
selector/user-password-change-needed, The authentication-methods Block
selector/user-privileged, The authentication-methods Block
services, The services Block
set-blackboard, The authentication-methods Block
set-user, The authentication-methods Block
settings, The params Block
submethod-aix-lam, The authentication-methods Block
submethod-generic, The authentication-methods Block
submethod-pam, The authentication-methods Block
submethod-password, The authentication-methods Block
submethod-radius, The authentication-methods Block
submethod-securid, The authentication-methods Block
subsystem, The services Block
terminal, The services Block
tunnel-agent, The services Block
tunnel-local, The services Block
tunnel-local/dst, The services Block
tunnel-local/src, The services Block
tunnel-remote, The services Block
tunnel-remote/listen, The services Block
tunnel-remote/src, The services Block
tunnel-x11, The services Block
x509-certificate, The params Block
xml element
domain-policy, The params Block