Skip to main content
Version: v41

Quick PrivX Setup

info

This article describes setting up PrivX for quick evaluation purposes. If you are setting up PrivX for production, refer to Deployment overview instead.

To set up a PrivX server for evaluation purposes:

  1. Add the EPEL and PrivX repositories for downloading PrivX packages and dependencies.

    • On Red Hat/Rocky Linux 9:

      yum update
      yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
      yum install postgresql-server # or postgresql if using an external DB
      yum install firewalld
      rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
      curl https://product-repository.ssh.com/rhel9/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo

    • On Red Hat/Rocky Linux 8:

      yum update
      yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
      yum install epel-release
      yum install firewalld
      dnf module enable postgresql:16
      yum install postgresql-server # or postgresql if using external DB
      rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
      curl https://product-repository.ssh.com/rhel8/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo

    • On Amazon Linux 2023:

      dnf install postgresql15-server # or postgresql15 if using external DB
      dnf install libxcrypt-compat firewalld
      rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
      curl https://product-repository.ssh.com/rhel8/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo

    • On Amazon Linux 2:

      amazon-linux-extras install -y nginx1 epel
      amazon-linux-extras enable postgresql14
      yum install postgresql-server # or postgresql if using an external DB
      yum install firewalld
      rpm --import https://product-repository.ssh.com/info.fi-ssh.com-pubkey.asc
      curl https://product-repository.ssh.com/ssh-products.repo -o /etc/yum.repos.d/ssh-products.repo
    caution

    When configuring PrivX with an external PostgreSQL database, make sure the psql client is installed on the same machine. PrivX requires a psql client version that matches the server version.

  2. Install the latest PrivX packages with:

    yum install PrivX

  3. Configure PrivX with:

    /opt/privx/scripts/postinstall.sh

    The following lists the required information, along with some recommended values for evaluation setups:

    • PKCS #11-keyvault settings: N
    • Number of trusted load balancers in front of PrivX node: 0
    • NTP server address: pool.ntp.org
    • FQDN and IP address(es) of the server. You can obtain these by opening another terminal and running hostname --fqdn and ip addr respectively.
    • Local or external database: L
    • Database name and credentials. You can go with the defaults.
    • Credentials for the initial superuser account.

    Once the postinstall.sh script finishes, the PrivX server is operational.

  4. License your PrivX server to enable its features:

    Open a browser and navigate to the FQDN or IP address of your PrivX server. Log in with the superuser credentials provided earlier.

    In the PrivX GUI, go to Administration→License and enter your license code.

After following these steps, you have now set up a PrivX server for evaluation purposes.