SSH.COM PrivX

SSH.COM PrivX Documentation Hub

Welcome to the SSH.COM PrivX documentation! Here you'll find the PrivX administration manual, use case specific guides as well as API specifications.

Documentation    API Reference

License Management

To activate a PrivX online license:

  1. Access the PrivX GUI and navigate to the Administration→License.

  2. Under the License code section, enter your license code, and click Update License.

In online licensing mode, PrivX checks for license updates every 6 or 12 hours and automatically applies any new changes found for your subscription. To trigger an immediate license refresh, click menu to the Last refreshed section, then click Refresh.

Using Online License Through HTTPS Proxy

If PrivX has no internet access, you can set up an HTTPS proxy for enabling connectivity to license servers. To enable a license proxy, perform the following:

  1. Set up an HTTPS proxy that forwards traffic to the license server.

  2. On all your PrivX servers, enable the license proxy:

    1. Edit /opt/privx/scripts/local-env. Specify the proxy address with the https_proxy setting, with the following syntax (replace proxy.example.com and 8443 with your proxy address and port respectively):

      https_proxy=proxy.example.com:8443
      
    2. Restart PrivX services to apply the changes.

      systemctl restart privx
      

Deactivating Online License

PrivX licenses can be activated only a limited number of times. To free up activations you must first deactivate a license. This is important when moving PrivX installation from a host to another. Deactivating online license requires access to the license servers from PrivX deployments.

To deactivate a PrivX license, go to the Administration→License. Next to Status, click menu, then click Deactivate.

Converting From Online License to Offline License

To change from online license to offline license.

  1. Deactivate the current license using PrivX GUI.
  2. Copy the offline license file to the license path to every PrivX server.
  3. Restart license-manager service on every PrivX server.

Offline License

Offline licensing is an optional licensing method for PrivX deployments which are completely unable to access licensing servers. The offline license is file-based and requires more manual actions for setup and maintenance. Offline licenses can be requested from the SSH Licensing team [email protected].

To install/refresh file-based an offline license:

  1. Copy the file to PrivX server, under the file-license path. The path is configured on /opt/privx/etc/license-config.toml, default /opt/privx/license/privx.lic.

  2. Restart license-manager service

To deactivate the file-based offline license, remove the license file from the path and restart license-manager service.

In case of offline High-Availability deployment, all of the PrivX instances requires the license file to be in place.

The offline license file is not part of the backups and won't be restored in case a backup is restored.

Converting From Offline License to Online License

To change from an offline license to an online license:

  1. On all PrivX servers, remove the offline license file from the license path.

  2. Restart the license-manager service.

    systemctl restart license-manager
    
  3. Insert the online license code via the PrivX GUI.

Converting to New License Format

If your initial PrivX deployment was set up before version 16.0, you may be using the old license format. For upgrade compatibility with future releases, ensure that you are using the new license format

New licenses are in UUID format: f9ef3d6f-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Old licenses are purely numbers: 4961xxxxxxxxxxxxxx

📘

Note

PrivX versions 19.0 and later no longer support the old license format.

To convert to new license format:

  1. Get a new license code from the SSH Licensing team at [email protected].

  2. Ensure your PrivX servers can connect to the new licensing server at https://privx.license.privx.io.

  3. From the PrivX GUI Settings→License page, deactivate the old license. Your PrivX deployment should now be unlicensed.

  4. On all PrivX servers, restart the license-manager service.

    systemctl restart license-manager
    
  5. On the Settings→License page, insert the new license code to PrivX. Your PrivX deployment should now be licensed with the new license.

Exceeding License Limitations

Any hosts that exceed your license limit will be marked as disabled (by license). These disabled hosts cannot be used for connections and are not visible under Connections→Available Hosts.

When you have disabled (by license) hosts, PrivX periodically raises audit events indicating the disabled (by license) host count. Administrator users can search for disabled hosts to see which hosts have been disabled.

To include additional hosts in your PrivX license, contact [email protected].

Updated about a month ago


License Management


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.