Quick PrivX Setup

This article describes setting up PrivX for quick evaluation purposes. If you are setting up PrivX for production, refer to Deployment Overview instead.

To set up a PrivX server for evaluation purposes:

  1. Add the EPEL and PrivX repositories for downloading PrivX packages and dependencies:

    • On Red Hat/Rocky Linux 9:

      yum update
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
yum install postgresql-server # or postgresql if using an external DB
rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
curl https://product-repository.ssh.com/rhel9/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo

    • On Red Hat/Rocky Linux 8:

      yum update
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
yum install epel-release
dnf module enable postgresql:13
yum install postgresql-server # or postgresql if using external DB
rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
curl https://product-repository.ssh.com/rhel8/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo

    • On Amazon Linux 2023:

      dnf update
dnf install postgresql15-server # or postgresql15 if using external DB
dnf install libxcrypt-compat
rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
curl https://product-repository.ssh.com/rhel8/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo

    • On Amazon Linux 2:

      yum update
amazon-linux-extras install -y nginx1
amazon-linux-extras enable postgresql14
yum install postgresql-server
rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
curl https://product-repository.ssh.com/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo

      Note: When configuring PrivX with an external database, ensure that the psql client installed on the same machine as PrivX matches the version of the Postgresql server.

  1. Install the latest PrivX packages with:

    yum install PrivX

  2. Configure PrivX with:

    /opt/privx/scripts/postinstall.sh

    The following lists the required information, along with some recommended values for evaluation setups:

    • PKCS #11-keyvault settings: N
    • Number of trusted load balancers in front of PrivX node: 0
    • NTP server address: pool.ntp.org
    • FQDN and IP address(es) of the server. You can obtain these by opening another terminal and running hostname --fqdn and ip addr respectively.
    • Local or external database: L
    • Database name and credentials. You can go with the defaults.
    • Credentials for the initial superuser account.

    Once the postinstall finishes, the PrivX server is operational.

  3. License your PrivX server to enable its features:

    Open a browser and navigate to the FQDN or IP address of your PrivX server. Log in with the superuser credentials provided earlier.

    In the PrivX GUI, go to Administration→License and enter your license code.

    You have now set up a PrivX server for evaluation purposes.

Was this page helpful?