Start Windows PowerShell with Run as Administrator and change to the "<INSTALLDIR>\SSH Tectia Server\", for example:

cd "C:\Program Files (x86)\SSH Communications Security\SSH Tectia\SSH Tectia Server\"

Before enabling debug, check the status of the currently running server:

.\ssh-server-ctl status

Log debug to a file, for example:

.\ssh-server-ctl debug log-file C:\server-debug.txt

Or alternatively, View Troubleshooting Log if you wish to both monitor and store the log contents to a file simultaneously:

.\ssh-server-debugger

Figure 9.1. Viewing troubleshooting log

Enable debug mode. In this example, for all server processes set global debug level 4 and modules starting with "SshUser" higher level 9:

.\ssh-server-ctl debug set "4,SshUser*=9"

This <debug_level> is suitable for user authentication. The amount of debug can also be reduced by disabling some of the other modules by setting them to 0 in "module=level,module*=level,...". See previous section for details on filter.

After reproducing the issue, remember to disable debug mode:

.\ssh-server-ctl debug clear

This changes debug level to 0 and also removes the debug hook for the debug log file if it was used.

Check the status of the currently running server:

.\ssh-server-ctl status

Verify from the output that 'Debug level' is 0. If Debug level is not displayed at all, the master ssh-server-g3 process in question has never had debug enabled.

To view all debug commands available for ssh-server-ctl see:

.\ssh-server-ctl debug --help