Skip to main content
Version: v39

Quick PrivX Setup

info

This article describes setting up PrivX for quick evaluation purposes. If you are setting up PrivX for production, refer to Deployment Overview instead.

To set up a PrivX server for evaluation purposes:

  1. Add the EPEL and PrivX repositories for downloading PrivX packages and dependencies:

    • On Red Hat/Rocky Linux 9:

      yum update
      yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
      yum install postgresql-server # or postgresql if using an external DB
      rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
      curl https://product-repository.ssh.com/rhel9/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo

    • On Red Hat/Rocky Linux 8:

      yum update
      yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
      yum install epel-release
      dnf module enable postgresql:13
      yum install postgresql-server # or postgresql if using external DB
      rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
      curl https://product-repository.ssh.com/rhel8/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo

    • On Amazon Linux 2023:

      dnf update
      dnf install postgresql15-server # or postgresql15 if using external DB
      dnf install libxcrypt-compat
      rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
      curl https://product-repository.ssh.com/rhel8/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo

    • On Amazon Linux 2:

      yum update
      amazon-linux-extras install -y nginx1
      amazon-linux-extras enable postgresql14
      yum install postgresql-server
      rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
      curl https://product-repository.ssh.com/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo
      caution

      Note: When configuring PrivX with an external database, ensure that the psql client installed on the same machine as PrivX matches the version of the Postgresql server.

  2. Install the latest PrivX packages with:

    yum install PrivX

  3. Configure PrivX with:

    /opt/privx/scripts/postinstall.sh

    The following lists the required information, along with some recommended values for evaluation setups:

    • PKCS #11-keyvault settings: N
    • Number of trusted load balancers in front of PrivX node: 0
    • NTP server address: pool.ntp.org
    • FQDN and IP address(es) of the server. You can obtain these by opening another terminal and running hostname --fqdn and ip addr respectively.
    • Local or external database: L
    • Database name and credentials. You can go with the defaults.
    • Credentials for the initial superuser account.

    Once the postinstall finishes, the PrivX server is operational.

  4. License your PrivX server to enable its features:

    Open a browser and navigate to the FQDN or IP address of your PrivX server. Log in with the superuser credentials provided earlier.

    In the PrivX GUI, go to Administration→License and enter your license code.

    You have now set up a PrivX server for evaluation purposes.