The downloaded installation package contains the compressed installation files.
Two packages are required: one for the common components of Tectia Client and Server, and one for the specific components of Tectia Server.
Tectia Server includes support for Zones on Solaris 10 and 11. The Tectia software can be installed into the global and local zones. When the Tectia software is installed into the global zone, it becomes automatically installed also into the existing local zones. However, Tectia Server needs to be separately installed into local zones added later into the system.
In case you are installing Tectia Server into a sparse zone, note that
the installation process will report a failure in creating symlinks. The
actual installation is finished successfully, but you need to manually add
the /opt/tectia/bin
to the path settings.
For information on Solaris Zones, see the Oracle's documentation: System Administration Guide: Solaris Containers-Resource Management and Solaris Zones.
To install Tectia Server on Solaris, follow the instructions below:
Unpack the downloaded tar
package.
Make sure no other software is using port 22 (Tectia Server default listen port). Stop any competing server software or change their listen port.
Select the installation package according to your Solaris version.
When installing on Solaris version 10 running on the SPARC architecture, use the following packages:
ssh-tectia-common-<version>
-solaris-10-sparc.pkg.Z ssh-tectia-server-<version>
-solaris-10-sparc.pkg.Z
When installing on Solaris version 11 running on the SPARC architecture, use the following packages:
ssh-tectia-common-<version>
-solaris-11-sparc.pkg.Z ssh-tectia-server-<version>
-solaris-11-sparc.pkg.Z
When installing on Solaris version 10 or 11 running on the x86-64 architecture, use the following packages:
ssh-tectia-common-<version>
-solaris-<solaris-version>
-x86_64.pkg.Z ssh-tectia-server-<version>
-solaris-<solaris-version>
-x86_64.pkg.Z
In the commands, <version>
indicates the product
release version and the current build number (for example,
6.4.20.123
).
<solaris-version>
refers to the Solaris version number (10 or 11),
in case of installing on x86-64 architecture.
Unpack the installation packages to a suitable location. The
standard location is /var/spool/pkg
in Solaris environment. In the
command examples below, we use the x86-64 version for Solaris 10:
$ uncompress ssh-tectia-common-<version>
-solaris-10-x86_64.pkg.Z $ uncompress ssh-tectia-server-<version>
-solaris-10-x86_64.pkg.Z
Install the packages with the pkgadd
tool
with root privileges:
# pkgadd -d ssh-tectia-common-<version>
-solaris-10-x86_64.pkg all # pkgadd -d ssh-tectia-server-<version>
-solaris-10-x86_64.pkg all
The server host key is generated during the installation. The key generation may take several minutes on slow machines.
Copy the license file to the /etc/ssh2/licenses
directory.
(This is not necessary in "third-digit" maintenance updates.)
See Licensing.
If this is the initial installation of Tectia Server, the directory does not yet exist. You can either create it manually or copy the license after the installation. In the latter case, you have to start the server manually after copying the license file.
The installation should (re)start the server automatically.
Note | |
---|---|
If the server does not start (for example because of a missing license or because some other secure shell software is running on port 22), you can start it after correcting the problem by issuing the command: # /etc/init.d/ssh-server-g3 start |
Tip | |
---|---|
On Solaris, it is recommended that you raise the maximum open files limit. The default limit for open files per process is set to 256, but it is too low for Tectia Server that will receive lots of connections. The servant may run out of file descriptors causing the connections to fail. How much the maximum open files limit must be raised, depends on the system and the number of servants running; 8192 should be sufficient in most cases. To set the maximum open files limit to 8192, before starting ssh-server-g3, run this command in shell: # ulimit -n 8192 The default limit set for open files varies between operating system versions. Refer to the instructions of your operating system for more information. |
In case you want to use the BSM to record Secure Shell log-in and log-out events, see also Auditing with Solaris BSM.