SSH Tectia

Starting Connection Broker in Debug Mode

The Connection Broker is an internal component included in SSH Tectia Client and SSH Tectia ConnectSecure. The Connection Broker handles all cryptographic operations and authentication-related tasks for SSH Tectia Client, ConnectSecure, and the command-line tools sshg3, scpg3, sftpg3.

To start the Connection Broker in debug mode, follow these instructions:

  1. Open a shell (on Unix) or command prompt window (on Windows).

  2. Stop the Connection Broker, if it is currently running. Enter the following command to exit the Connection Broker. This will close all currently open connections of the current user:

    $ ssh-broker-g3 --exit
  3. Start the Connection Broker in debug mode by running the following command:

    $ ssh-broker-g3 -D<filter> -l <logfile>

    In the command:

    • logfile specifies the file to which the debug output will be directed

    • filter is an expression that takes the following syntax: "module=level,module=level,..."

    • module is an optional expression that can be used to restrict the debug output to only a particular module or to allow the use of varying debug levels for different modules.

    • level is an integer from 0 (no debug info) to 99 that specifies the desired amount of debug information.

      Note that levels 1-9 are the recommended ones. The higher the number, the more detailed the troubleshooting output will be, and the more the debugging will affect performance.

    The following example command starts the Connection Broker with global debug level 4 and outputs the debug information to a log file named broker.log:

    $ ssh-broker-g3 -D4 -l broker.log

    The following example command starts the Connection Broker with debug level 5 for modules starting with "SecShAuth" and level 2 for everything else:

    $ ssh-broker-g3 -D"SecShAuth*=5,2" -l broker.log
  4. Connect to a server using one of the clients:

    $ sshg3 user@host
  5. View the debug information for the connection in the broker.log file.

On Unix, you can display the debug output also by using the command line tools with argument -D. For example, the following command will display the debug output with a debug level 5 for modules starting with SecShAuth and level 2 for modules starting with Sft:

$ sftpg3 -D"SecShAuth*=5,Sft*=2" user@host