Quick PrivX Setup
This article describes setting up PrivX for quick evaluation purposes. If you are setting up PrivX for production, refer to Deployment overview instead.
To set up a PrivX server for evaluation purposes:
-
Add the EPEL and PrivX repositories for downloading PrivX packages and dependencies.
-
On Red Hat/Rocky Linux 9:
yum update
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
yum install postgresql-server # or postgresql if using an external DB
yum install firewalld
rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
curl https://product-repository.ssh.com/rhel9/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo -
On Red Hat/Rocky Linux 8:
yum update
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
yum install epel-release
yum install firewalld
dnf module enable postgresql:16
yum install postgresql-server # or postgresql if using external DB
rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
curl https://product-repository.ssh.com/rhel8/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo -
On Amazon Linux 2023:
dnf install postgresql15-server # or postgresql15 if using external DB
dnf install libxcrypt-compat firewalld
rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
curl https://product-repository.ssh.com/rhel8/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo -
On Amazon Linux 2:
amazon-linux-extras install -y nginx1 epel
amazon-linux-extras enable postgresql14
yum install postgresql-server # or postgresql if using an external DB
yum install firewalld
rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
curl https://product-repository.ssh.com/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo
cautionWhen configuring PrivX with an external PostgreSQL database, make sure the
psql
client is installed on the same machine. PrivX requires apsql
client version that matches the server version. -
-
Install the latest PrivX packages with:
yum install PrivX
-
Configure PrivX with:
/opt/privx/scripts/postinstall.sh
The following lists the required information, along with some recommended values for evaluation setups:
- PKCS #11-keyvault settings:
N
- Number of trusted load balancers in front of PrivX node:
0
- NTP server address:
pool.ntp.org
- FQDN and IP address(es) of the server. You can obtain these by opening another terminal and running
hostname --fqdn
andip addr
respectively. - Local or external database:
L
- Database name and credentials. You can go with the defaults.
- Credentials for the initial superuser account.
Once the
postinstall.sh
script finishes, the PrivX server is operational. - PKCS #11-keyvault settings:
-
License your PrivX server to enable its features:
Open a browser and navigate to the FQDN or IP address of your PrivX server. Log in with the superuser credentials provided earlier.
In the PrivX GUI, go to Administration→License and enter your license code.
After following these steps, you have now set up a PrivX server for evaluation purposes.