Quick PrivX Setup
This article describes setting up PrivX for quick evaluation purposes. If you are setting up PrivX for production, refer to Deployment Overview instead.
To set up a PrivX server for evaluation purposes:
Add the EPEL and PrivX repositories for downloading PrivX packages and dependencies:
On Red Hat/Rocky Linux 9:
yum update yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm yum install postgresql-server # or postgresql if using an external DB rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc curl https://product-repository.ssh.com/rhel9/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo
On Red Hat/Rocky Linux 8:
yum update yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm yum install epel-release dnf module enable postgresql:13 yum install postgresql-server # or postgresql if using external DB rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc curl https://product-repository.ssh.com/rhel8/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo
On Amazon Linux 2023:
dnf update dnf install postgresql15-server # or postgresql15 if using external DB dnf install libxcrypt-compat rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc curl https://product-repository.ssh.com/rhel8/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo
On Amazon Linux 2:
yum update amazon-linux-extras install -y nginx1 amazon-linux-extras enable postgresql14 yum install postgresql-server rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc curl https://product-repository.ssh.com/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo
Note: When configuring PrivX with an external database, ensure that the
psql
client installed on the same machine as PrivX matches the version of the Postgresql server.
Install the latest PrivX packages with:
yum install PrivX
Configure PrivX with:
/opt/privx/scripts/postinstall.sh
The following lists the required information, along with some recommended values for evaluation setups:
- PKCS #11-keyvault settings:
N
- Number of trusted load balancers in front of PrivX node:
0
- NTP server address:
pool.ntp.org
- FQDN and IP address(es) of the server. You can obtain these by opening another terminal and running
hostname --fqdn
andip addr
respectively. - Local or external database:
L
- Database name and credentials. You can go with the defaults.
- Credentials for the initial superuser account.
Once the postinstall finishes, the PrivX server is operational.
- PKCS #11-keyvault settings:
License your PrivX server to enable its features:
Open a browser and navigate to the FQDN or IP address of your PrivX server. Log in with the superuser credentials provided earlier.
In the PrivX GUI, go to Administration→License and enter your license code.
You have now set up a PrivX server for evaluation purposes.