The product structure and the installation directory of Tectia Server for IBM z/OS has changed in version 6.0. If you have an earlier version of Tectia Server for IBM z/OS installed, it can coexist with version 6.0, as can the 5.x version.
The upgrade procedure will migrate your 5.x configuration and the keys automatically to the 6.4 version.
The upgrade procedure consists of the following steps:
Stop the server.
Do the installation as described in Installing the Tectia Server for IBM z/OS Software.
Copy the SSHD2
and SSHCERTD
JCLs from
/opt/tectia/doc/zOS/SAMPLIB
to your system procedure library as
instructed in Running sshd2 as a Started Task and Running ssh-certd as a Started Task.
Before proceeding with the installation, consider the following issues.
When you run setup.sh
for upgrading from version 5.x
you must choose whether you want to uninstall all 5.x files or keep the
old 5.x installation intact.
You must run setup.sh
either with
./setup.sh --uninstall-old
or
./setup.sh --keep-old
If you choose to uninstall 5.x, please note that the directories
/etc/ssh2
and /usr/lpp/ssh2
will
get unconditionally removed after the upgrade procedure has successfully
completed. Make sure that those directories do not contain any files you
want to keep for reference (ad-hoc configuration backups, notes etc.) before
running setup.sh
.
If you choose to keep the
5.x installation, nothing from the old 5.x will be uninstalled by the
setup.sh
script. In case you want to have both the 5.x and
the 6.4 servers running simultaneously, you must change the TCP port of
either one of them, because otherwise the two installed servers will compete
for default port 22.
To avoid conflicts at the next IPL please check and update:
Your started task JCL for the server
Operator instructions for running the server
Any other sshd2
init procedures (/etc/rc
for
example)
When upgrading from 5.x to 6.4, these
files/directories under /etc/ssh2/
are copied from the 5.x
installation to your new installation at /opt/tectia/
and
they continue to be used with Tectia Server 6.4 for IBM z/OS:
hostkey
|
hostkey.pub
|
sshd2_config
|
ssh_certd_config
|
ssh_ftadv_config
|
random_seed
|
ssh_banner_message
|
ssh-socks-proxy-config.xml
|
upgrade_history
|
auth/
|
hostkeys/
|
subconfig/
|
knownhosts/
|
If you are using the SOCKS proxy functionality, you
must review and update your ssh-socks-proxy-config.xml
configuration file after setup.sh
has finished.
The existing /etc/ssh2/ssh2_config
or
$HOME/.ssh2/ssh2_config
configuration
files are not
used by Tectia Server 6.4 for IBM z/OS client components. You have to create
new files
/opt/tectia/etc/ssh-broker-config.xml
(for global configuration) and
$HOME/.ssh2/ssh-broker-config.xml
(for user-specific configuration).