Upgrading Previously Installed Secure Shell Software
Check if you have some Secure Shell software, for example earlier versions
of SSH Tectia products or IBM Ported Tool for z/OS (OpenSSH), running on the
machine where you are planning to install the new SSH Tectia versions.
From OpenSSH
Before installing SSH Tectia Server 6.0 for IBM z/OS, stop any OpenSSH servers running on port 22,
or change their listener port. You do not need to uninstall the OpenSSH
software.
Proceed with the installation normally as described in
Installing the Software.
From SSH Tectia Server for IBM z/OS Version 5.x
The product structure and the installation directory of SSH Tectia Server for IBM z/OS has changed
in version 6.0. If you have an earlier version of SSH Tectia Server for IBM z/OS installed, it can
coexist with version 6.0.
Before proceeding with the installation as described in
Installing the Software, condsider the
following issues.
When you run setup.sh for upgrading from version 5.x you must choose
if you want to keep the old 5.x installation intact or if you want to
uninstall all 5.x files. You must run setup.sh either with
./setup.sh --uninstall-old
|
or
If you choose to uninstall 5.x, please note that the directories
/etc/ssh2 and /usr/lpp/ssh2 will get unconditionally
removed after the upgrade procedure has succesfully completed. Make sure
that those directories do not contain any files you want to keep for
reference (ad-hoc configuration backups, notes etc.) before running
setup.sh.
If you choose to keep the 5.x installation, nothing from the old 5.x
will be uninstalled by the setup.sh script.
Please note that by default the two installed servers compete for TCP
port 22 and thus cannot be run simultaneously. To avoid conflicts at
the next IPL please check and update:
- Your started task JCL for the server
- Operator instructions for running the server
- Any other
sshd2 init procedures (/etc/rc for example)
When upgrading from 5.x to 6.x, these files/directories under
/etc/ssh2/ are copied from the 5.x installation to your new
installation at /opt/tectia/ and they continue to be used with
SSH Tectia Server 6.0 for IBM z/OS:
hostkey
hostkey.pub
sshd2_config
ssh_certd_config
ssh_ftadv_config
random_seed
ssh_banner_message
ssh-socks-proxy-config.xml
upgrade_history
auth/
hostkeys/
subconfig/
knownhosts/
|
If you are using the SOCKS proxy functionality, you must review and
update your ssh-socks-proxy-config.xml configuration file after
setup.sh has finished.
The existing /etc/ssh2/ssh2_config or
$HOME/.ssh2/ssh2_config configuration files are not used by
SSH Tectia Server 6.0 for IBM z/OS client components. You have to create new
opt/tectia/etc/ssh-broker-config.xml and
$HOME/.ssh2/ssh-broker-config.xml files.
For information on upgrading SSH Tectia client tools configurations from to
version 5.x to 6.0, see SSH Tectia Server for IBM z/OS Migration Guide.
From SSH Tectia Server for IBM z/OS Version 6.0
SSH Tectia Server 6.0 for IBM z/OS can be upgraded simply by installing a newer maintenance version
of the software on top of the older version. The already defined
configuration will be preserved untouched. If you have both versions
5.x and version 6.x installed you must choose which installation the
upgraded system will be based on.
To upgrade SSH Tectia Server for IBM z/OS:
- Unpack the archive as described in Section Unpacking the Archive.
- Run the setup script as described in Section Running the Setup Script.
The setup script will not restart the server automatically.
