On Unix platforms, the Tectia Server files are located in the following directories and the named file permissions are required for them:
/etc/ssh2
Writable to root (must). Readable to
world. The /etc/ssh2
directory is created with
the correct permissions during installation.
/etc/ssh2/ssh-server-config.xml
: the server configuration
file (see ssh-server-config(5))
Writable to root (must). Readable to world.
/etc/ssh2/ssh-server-config-default.xml
: a sample file that
shows the hardcoded system defaults of the server configuration
/etc/ssh2/ssh-server-config-example.xml
: a sample file with
useful examples for the server configuration
/opt/tectia/share/auxdata/ssh-server-ng
: the server
configuration file DTD directory
Note | |
---|---|
In Tectia Server 6.1 and earlier on Unix the default auxiliary data directory
|
/etc/ssh2/hostkey
: the default server host private key
file
Writable to root (must). Readable to root (must).
/etc/ssh2/hostkey.pub
: the default server host public key
file
Writable to root (should). Readable to world.
/etc/ssh2/licenses
: the license file directory (see Licensing)
/etc/ssh2/trusted_hosts
: the directory for host public keys
that are trusted for host-based authentication (see Host-Based User Authentication)
Writable to root (must). Readable to root (should).
/var/opt/tectia/random_seed
: the seed file for the random
number generator
Writable to root (must). Readable to root (must). Set the permissions read/writable to root at each update.
/opt/tectia/sbin
: the system binaries such as
ssh-server-g3
/opt/tectia/bin
: the user binaries such as
ssh-keygen-g3
/opt/tectia/man
: Tectia Server man pages
/opt/tectia/libexec
: library binaries
/opt/tectia/lib/sshsecsh
: library binaries
The user-specific configurations are stored in each user's
$HOME/.ssh2
directory.
Writable to user (must). Readable to user
(should). The permission checking can be changed with configuration setting
<auth-file-modes mask-bits="XXX"/>
.
In the $HOME/.ssh2
directory:
$HOME/.ssh2/authorized_keys
: the default directory for user
public keys that are authorized for login
$HOME/.ssh2/authorization
: (optional) the
default authorization file for user public keys