Uploading Components-RPM Files Into PrivX
You can upload Extender RPMs into PrivX, then use those to upgrade your Extenders.
Only supported PrivX Components' RPM files can be uploaded into PrivX. So far, only Extender RPMs starting from version 37 are supported. You can obtain the Extender RPMs from Get the PrivX Software.
High-level steps for uploading RPMs include:
- Verifying the RPM file.
- Uploading the RPM either via the PrivX GUI or PrivX-Server terminal access.
These steps are described in more detail in the following sections.
Verifying RPM Before Upload
You can verify PrivX-component RPMs against our GPG verification key. You can do this from any workstation that supports rpm
:
Obtain the component RPM you want to upload. Also obtain the GPG key from the SSH Repository.
Import the GPG key (replace
/path/to/info.fi-ssh.com-pubkey.asc
with the path to the GPG key):rpm --import /path/to/info.fi-ssh.com-pubkey.asc
Then verify the RPM file (replace
/path/to/PrivX-Extender-*.rpm
with the path to the RPM file):rpm --checksig /path/to/PrivX-Extender-*.rpm
Ensure that both digests and signatures are
OK
: the output should resemble the following:/path/to/PrivX-Extender-*.rpm: digests signatures OK
Uploading RPM to PrivX
You can upload component RPMs either via the PrivX GUI or via terminal access to a PrivX Server.
You should only download PrivX component RPMs from official sources such as the SSH repository or from the PrivX documentation site. Trying to upload unverified and/or unsigned packages can result in serious security issues.
Option 1: Uploading Component RPM via the PrivX GUI
After you have verified the RPM, access the PrivX-GUI page Administration→Deployment→Deploy VPC/VPN Extenders, then under RPM Uploads, click Upload RPM Package.
Click Select File, then select the RPM from your filesystem. Finally, click Upload RPM Package.
Once the upload completes successfully, you should see your RPM listed under RPM Uploads.
Option 2: Uploading Component RPM via Terminal Access
After you have verified the RPM, gain root terminal access to a PrivX Server.
Then upload the RPM to PrivX (replace
/path/to/PrivX-Extender-*.rpm
with the path to the RPM file):sudo /opt/privx/bin/rpm-tool add --rpm PrivX-Extender-version.rpm