login about faq

How do I migrate an existing Tectia Server installation to a new server host?

asked Dec 22 '10 at 20:35

SSH%20KB's gravatar image

SSH KB ♦
509249246237

edited Sep 21 '11 at 17:24


Windows Server

1. Installing a new Tectia Server

Install Tectia Server to the new server host according to the installation instructions.

2. Copying the old Tectia Server files to the new host

Copy the following files from the old server host to the new host by replacing the existing default files created in step 1. The files are located in the Tectia Server installation directory (by default C:\Program Files\SSH Communications Security\SSH Tectia\SSH Tectia Server ). Because the private keys are also copied, the files must be copied using some secure file transfer method. Host key pair:
  • hostkey
  • hostkey.pub
Server configuration files:
  • ssh-server-config.xml
If the server configuration contains user- or host-specific configuration files, those must be copied as well. The location of the user- and host-specific configuration files can be checked from the ssh-server-config.xml configuration file. Certificate authentication related files If server certificate authentication is used, also the server host certificate pair needs to be copied. The filenames can be checked from SSH Tectia Server Configuration > Identity > Host Certificate. If user certificate authentication is used, possible CA certificates and certificate mapping files need to be copied as well. The filenames of the CA certificates and mapping files can be found from SSH Tectia Server Configuration > User Authentication > Public Key > Certificates.

3. Copying the old user-specific files to the new host

If public-key authentication is allowed, users may have files related to public-key authentication stored under their %USERPROFILE%\.ssh2\ directory (by default the directory is C:\Documents and Settings\username\.ssh2\). The directory can contain several public keys (*.pub) and one authorization file. Those files must be copied to the same location on the new server.

Unix Server

1. Installing a new Tectia Server

Install Tectia Server to the new server host according to the installation instructions.

2. Copying the old Tectia Server files

Copy the following files from the old server host to the new host by replacing the existing default files. The files are located in the SSH Tectia Server configuration directory (by default /etc/ssh2/). Because the private keys are also copied, the files must be copied using some secure file transfer method (for example sftpg3). Host key pair:
  • hostkey
  • hostkey.pub
Server configuration files:
  • ssh-server-config.xml
If the server configuration contains user- or host-specific configuration files, those must be copied as well. The location of the user- and host-specific configuration files can be checked from the ssh-server-config.xml configuration file options. Certificate authentication related files If server certificate authentication is used, also the server host certificate pair needs to be copied. Filenames can be checked from the ssh-server-config.xml configuration options. If user certificate authentication is used, possible CA certificates and certificate mapping files need to be copied as well. The filenames of the CA certificates and mapping files can be checked from the ssh-server-config.xml configuration options.

3. Copying the old user-specific files

If public-key authentication is allowed and used, users might have files related to public-key authentication stored under their "$HOME"/.ssh2/ directory. The directory can contain several public keys (*.pub) and one authorization file. Check the authorization file to see which public keys must be copied to the new server. Also the authorization file needs to be copied.

Unix Client

1. Copying Tectia Client files

If the Unix Client/Server is used also as an ssh client, the following files need to be copied. Files are located in the SSH Tectia Client/Server configuration directory (by default /etc/ssh2/). Client configuration file:
  • ssh-broker-config.xml
Certificate authentication related files If server certificate authentication is used, possible CA certificates need to be copied. The required CA certificate files can be checked from the ssh-server-config.xml configuration options.

2. Copying the old user-specific files

Users might have their own user-specific client configuration files stored under their "$HOME"/.ssh2/ directory. Those files should be copied to the new host to preserve the old user-specific connection settings. If public-key or certificate authentication is used, users might have key pairs stored under their "$HOME"/.ssh2/ directory. The directory can contain several public-key and certificate key pairs and an identification file. See the identification file to check which private keys need to be copied. Copy also the related public-key files. Because also the private keys are copied, the files must be copied using some secure file transfer method (for example sftpg3).
link

answered Dec 22 '10 at 21:07

Alan%20-%20Tectia%20Support's gravatar image

Alan - Tectia Support ♦
236335

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×69
×13
×1

Asked: Dec 22 '10 at 20:35

Seen: 4,697 times

Last updated: Sep 21 '11 at 17:24

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.