Configuration File for Tectia Server

Dividing the Configuration into Several Files
Using Selectors in Configuration File

This section introduces the XML-based Tectia Server configuration file ssh-server-config.xml, its structure, elements and options. For descriptions of the elements, see ssh-server-config(5). For a quick reference to the elements and their attributes, see Appendix A. For information on the syntax of the configuration file, see Appendix B.

The configuration file follows the same logic that is used in setting up a Secure Shell connection:

  1. The settings related to the server's own configuration are made in the params block.

  2. After the client has initiated a connection to the server, the server checks whether connections from the client address are allowed. The client and server perform key exchange where the server authenticates itself to the client, and ciphers, KEXs and MACs are selected for the connection. The related configuration settings are made in the connections block.

  3. The server requests the user to authenticate itself to the server. The server may offer a selection of authentication methods, or require several authentication methods to be passed in succession. The configuration settings related to authentication are made in the authentication-methods block.

  4. The server determines the services the client is allowed to use. The related configuration settings are made in the services block.


The configuration file is read in top-down order during connection setup. If a connection is denied in one of the blocks, the connection setup phase ends immediately and the rest of the configuration file will not be read at all.