Single Mode Installation for Linux
In the single-mode installation, the existing OpenSSH server on the server is removed and replaced by Kron PAM Linux Agent's OpenSSH server and other required packages.
- Log in to Kron PAM Web GUI.
- Navigate to the Linux Agent Management menu.
- Click the Add button and download the installation script.
- Click the Next button to generate the registration key.
- The registration key will be entered during the Linux Agent installation process.
- Select the validity duration for the registration key.
- Click Next to get the registration key.
- Login as a root user to the target server on which Kron PAM Linux Agent is to be installed.
- Before starting the installation, OS default repos should be disabled. To list enabled Centos repos, execute the yum repolist command. The repository configuration files are stored in the /etc/yum.repos.d/ directory. All files with the .repo file extension in this directory are read by yum. Edit files and change the value enabled=1 to 0 (Similar operations can be applied for other Operating Systems) [base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&re po=os&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 enabled=0
- Enable execution right for the setup_sc_api.sh script. ~] # chmod +x setup_sc_api.sh
- Execute the script with a single-mode option. ~] # ./setup_sc_api.sh --mode single
- The script will check the server OS, current OpenSSH server, and client versions. It will download related packages and dependencies.
- When a prompt appears for removing current packages, type Y and press enter. Do you want to remove the package OpenSSH now? [y/N] y
- Required packages will be downloaded from the Kron PAM repo and the user will be prompted to allow installation. Type “y” and press enter. (Similar prompts may be displayed several times for required packages to install OpenSSH server, client, Agent, seLinux packages and policies, etc.)
==============================================================================
Package Arch Version Repository Size ==============================================================================
Removing: OpenSSH x86_64 7.4p1-16.el7 installed 1.9 M
Removing dependencies:
openssh-clients x86_64 7.4p1-16.el7 installed 2.5 M openssh-server x86_64 7.4p1-16.el7 installed 971 k
Transaction Summary
==============================================================================
Remove 1 Package (+2 Dependent packages)
Installed size: 5.4 M
Is this ok [y/N]: y
- When all packages and dependencies are installed, the necessary parameters for the installation are prompted. Type y and press enter when asked to configure SSH parameters. Do you want to configure SSH parameters now? [y/N] y
- If you're going to configure the firewall, when asked to configure the firewall, type y and press enter. Do you want to configure firewall parameters now? [y/N] y
- The server hostname can be configured during installation. When prompted, the hostname can be entered or left blank to continue with the current name. Do you want to configure Host Naming parameters now? [Y / N] y
- The interface the server will use when communicating with the Kron PAM server is selected. Do you want to choose the interface for SC communication[y/N]:y Select an interface to use [1-1] 1
- The user asked for settings related to the Kron PAM server. Do you want to configure SingleConnect Management Agent now? [y/N]
- Primary and secondary Kron PAM IP addresses are asked. Please Enter Primary Management Address (e.g 10.20.30.40:443): Please Enter Secondary Management Address (e.g 10.20.30.41:443, skip if no secondary_address):
- The registration token received from the Kron PAM GUI (Agent Management Menu), valid for a certain period, is entered. Please Enter Install Token:
- You can set the port and other parameters for the internal communication of Kron PAM Agent or request the default settings to be used. Type N for default settings and press enter. Do you want to configure SingleConnect Management Agent tunneling parameters now? [y/N] N
- If the installation has been completed successfully, a prompt will appear on the screen as below. Openssh Active... Management Agent Status Daemon Active... Management Agent Log Daemon Active... Management Agent Tunnel Auth Daemon Active... ============================================= System Alive...
- scversion command can be executed to check the installation and the installed version [root@server ~] # scversion
Operating System:
CentOS Linux
Agent SSH Mode :
Normal
OpenSSH
Version: 7.4p1.1
Release: 1
SingleConnect Agent
Version: 2.1.9
Release: 1
SELinux
Version: 3.13.1
Status: enabled
Mode: enforcing
Agent SELinux Module:
smi 1.0 Console SELinux Module: smi_init 1.0