The downloaded installation package contains the compressed installation files.
Two packages are required: one for the common components of Tectia Client and Server, and one for the specific components of Tectia Server.
If you are upgrading Tectia Server version 6.2.1 or earlier to 6.5, you must do the following steps before installing the new version:
Rename the subsystem group from tcpip
to
ssh-tectia-server
:
# /usr/bin/rmssys -s ssh-tectia-server
Redefine ssh-tectia-server
with the new group option:
# mkssys -s ssh-tectia-server -p "/opt/tectia/sbin/ssh-server-g3" -q -u 0 -S \ -n 15 -f 9 -R -G ssh-tectia-server -i /dev/null -o /dev/null -e \ /dev/null
Restart the ssh-tectia-server:
# stopsrc -s ssh-tectia-server
# startsrc -s ssh-tectia-server
Now you can continue with the installation steps.
Note that upgrading from Tectia Server version 6.2.x or 6.3.x will not restart the server automatically after installing the upgrade packages. Upgrading from Tectia Server versions 6.1.x (or earlier), and versions 6.4.2 (or later) will work normally and restart the server after upgrade.
To install Tectia Server on AIX, follow the instructions below:
Unpack the downloaded tar
package.
Make sure no other software is using port 22 (Tectia Server default listen port). Stop any competing server software or change their listen port.
Unpack the installation packages:
$ uncompress ssh-tectia-common-<version>
-aix-6-7-powerpc.bff.Z $ uncompress ssh-tectia-server-<version>
-aix-6-7-powerpc.bff.Z
In the commands, <version>
is the current package
version of Tectia Server (for example, 6.5.2.123
).
Install the packages by running the following commands with root privileges:
# installp -d ssh-tectia-common-<version>
-aix-6-7-powerpc.bff SSHTectia.Common # installp -d ssh-tectia-server-<version>
-aix-6-7-powerpc.bff SSHTectia.Server
The server host key is generated during the installation. The key generation may take several minutes on slow machines.
Copy the license file to directory: /etc/ssh2/licenses
.
(This is not necessary in "third-digit" maintenance updates.) See
Licensing.
If this is the initial installation of Tectia Server, the directory does not yet exist. You can either create it manually or copy the license after the installation. In the latter case, you have to start the server manually after copying the license file.
The installation should (re)start the server automatically.
Note | |
---|---|
If you upgraded from Tectia Server 6.2.x or 6.3.x, the server will not restart automatically. |
Note | |
---|---|
If the server does not start (for example because of a missing license or because some other secure shell software is running on port 22), correct the problem and you can start the server process by using the System Resource Controller (SRC). To start Tectia Server manually, enter command: # startsrc -s ssh-tectia-server |
There is a 32-bit binary ssh-aix-lam-proxy32
shipped with the
Tectia Server installation package for AIX. In some cases there is a need to use a 32-bit
Lightweight Authentication Module (LAM) in a 64-bit operating system, for example, when
using Safeword authentication via LAM.
There are two binaries in /opt/tectia/libexec
:
ssh-aix-lam-proxy (64-bit binary)
ssh-aix-lam-proxy32 (32-bit binary)
By default, the 64-bit binary is used. If the 32-bit binary is to be used, follow these steps:
Backup the ssh-aix-lam-proxy
to a safe place.
Copy the ssh-aix-lam-proxy32
to
ssh-aix-lam-proxy
.
This will automatically start using the 32-bit LAM on the 64-bit AIX host.