This documentation supports the 21.3 (12.3) version of BMC Discovery.

Configuring the appliance to use Tectia SSH and X.509 certificates


The BMC Discovery appliance can be configured to use Tectia SSH and x.509 certificates. You cannot configure the BMC Discovery Outpost to use the Tectia SSH client. SSH connections from the BMC Discovery Outpost are API-based, rather than client-based.

Note

You must avoid installing software using RPM commands. In addition to installing the third party software, these are very likely to update system libraries which may be incompatible with those currently used, or when the operating system or the BMC Discovery application are updated later.

These procedures assume that you have administrator level knowledge of Tectia SSH, and a Tectia SSH server installed on your network.

To install the Tectia SSH client

If you install the Tectia SSH client on a cluster, perform the following procedure on each member of the cluster. Install the Tectia SSH client as described in the Tectia documentation.

To configure BMC Discovery to use the Tectia SSH client

  1. Create a .tideway.py file in /usr/tidewayand add the following entry:

    SSH_CMD="/opt/tectia/bin/sshg3"
  2. Restart the Tideway services.
    You will see deprecation warnings in the logs about use of the .tideway.py file but you can ignore them.

BMC Discovery will now use Tectia SSH instead of OpenSSH for connections to remote systems.

To verify the Tectia SSH client

After you have installed and configured the client for the tideway user, you should be able to access remote servers using sshg3 from the command line, though you might need to add /opt/tectia/bin to the PATH. You should test servers that require X.509 certificates and those that do not, if possible.


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*