Agent Reference Guide
Linux/Unix Agent
Multitenancy Enabled Installation
2min
Installation of OpenSSH server, client, and other required packages compatible with a multitenancy-activated Kron PAM server.
- Login to Kron PAM Web GUI
- Navigate to the Linux Agent Management menu.
- Click the Add button and download the installation script.
Kron PAM Linux Agent Management Menu
- Click the Next button to generate the registration key.
- The registration key will be entered during the Linux Agent installation process.
- Select the validity duration for the registration key.
- Click Next to get the registration key.
Linux Agent Management Menu
- Log in as root user to the target server on which Kron PAM Linux Agent is to be installed.
- Before starting the installation, OS default repos should be disabled. To list enabled Centos repos, execute the yum repolist command. The repository configuration files are stored in the /etc/yum.repos.d/ directory. All files with the .repo file extension in this directory are read by Yum. Edit files and change the value enabled=1 to 0 (Similar operations can be applied for other Operating Systems) [base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&re po=os&infra=$infra #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 enabled=0
- Enable execution right for the setup_sc_api.sh script. ~]# chmod +x setup_sc_api.sh
- Execute the script with a single-mode option. ~]# ./setup_sc_api.sh --mode hybrid --multitenant true
- The script will check the server OS version, current OpenSSH server, and OpenSSH client versions. It will download related packages and dependencies. When a prompt appears for removing current packages, type “Y” and press enter. Do you want to remove the package OpenSSH now? [y/N] y
- Required packages will be downloaded from the Kron PAM repo and the user will be prompted to allow installation. Type “y” and press enter. (Similar prompts may be displayed several times for required packages to install OpenSSH server, client, Agent, seLinux packages and policies etc.) ============================================================================== Package Arch Version Repository Size ========================================================================= Removing: OpenSSH x86_64 7.4p1-16.el7 installed 1.9 M Removing dependencies: openssh-clients x86_64 7.4p1-16.el7 installed 2.5 M openssh-server x86_64 7.4p1-16.el7 installed 971 k Transaction Summary ============================================================================== Remove 1 Package (+2 Dependent packages) Installed size: 5.4 M Is this ok [y/N]: y
- When all packages and dependencies are installed, the necessary parameters for the installation are prompted. When asked to configure SSH parameters, type y, and press enter. Do you want to configure SSH parameters now? [y/N] y
- Enter from which port the Kron PAM specified OpenSSH server would be run. Please Enter Hybrid SSH Port:
- If you want to configure a firewall when asked to configure a firewall, type y, and press enter. Do you want to configure firewall parameters now? [y/N] y
- The server hostname can be configured during installation. When prompted, the hostname can be entered or left blank to continue with the current name. Do you want to configure Host Naming parameters now? [Y / N] y
- The interface that the server will use when communicating with the Kron PAM server is selected. Do you want to select the interface for SC communication[y/N]:y Select an interface to use [1-1]
- A user asked for settings related to the Kron PAM server. Do you want to configure SingleConnect Management Agent now? [y/N]
- Primary and secondary Kron PAM IP addresses are asked. Please Enter Primary Management Address (e.g 10.20.30.40:443): Please Enter Secondary Management Address (e.g 10.20.42.24:443, skip if no secondary_address):
- The registration token, which is received from the Kron PAM GUI (Agent Management Menu) and is valid for a certain period, is entered. Please Enter Install Token:
- Enter Kron PAM tenant ID. Please Enter Tenant ID (skip if no tenant):
- You can set the port and other parameters for the internal communication of Kron PAM Agent or request the default settings to be used. Type N for default settings and press enter. Do you want to configure SingleConnect Management Agent tunneling parameters now? [y/N]N
- If the installation has been completed successfully, a prompt will appear on the screen as below. Openssh Active... Management Agent Status Daemon Active... Management Agent Log Daemon Active... Management Agent Tunnel Auth Daemon Active... ============================================= System Alive...
- scversion command can be executed to check the installation and the installed version [root@server ~] # scversion Operating System: CentOS Linux Agent SSH Mode : Hybrid OpenSSH Version: 7.4p1.1 Release: 1 SingleConnect Agent Version: 2.1.9 Release: 1 SELinux Version: 3.13.1 Status: enabled Mode: enforcing Agent SELinux Module: smi 1.0 Console SELinux Module: smi_init 1