Linux Package Installation for SLES
This section describes how to access the Linux RPM installation package so that the CTE Agent installation integrates with the distribution software. To access the Linux RPM file, you can:
-
Extract the RPM file from the CTE Agent install bin file. This is the easiest method, but the files in the package are not signed and therefore cannot be verified. For details, see Installing the Unsigned RPM Package.
-
Download the package from the RPM repository. If you use Zypper Package Manager, the files in the package are signed and the signatures are automatically verified when the package is installed. For details, see Installing the Signed RPM Package with Zypper.
-
Manually download the RPM package outside of Zypper and manually verify the package signatures. For details, see Installing the Signed RPM Package Manually.
Prerequisites
Before you can download and install the package using the Zypper repository, you must contact Thales Support to get the username and password for the package repository on which the package resides.
Installing the Unsigned RPM Package
The CTE installation bin
files contain the unsigned native packages. Extract them by running the bin
file with the -e
flag.
-
Log on to the host system as root and copy or mount the installation file to the host system.
-
Extract the RPM file using the following command:
./vee-fs-<release>-<build>-<distro>-<architecture>.bin -e
Example
./vee-fs-7.5.0-68-sles15-x86_64.bin -e
Response
Contents extracted.
-
Verify that the package extracted correctly:
ls *rpm
Example Response
vee-fs-7.5.0-68-sles15-x86_64.rpm
-
To start the installation using the RPM file, use the following command:
sudo rpm -ivh vee-fs-<release>-<distro>-x86_64.rpm
-
Follow the prompts to install and register CTE.
For details about the installation and registration process, see the appropriate installation procedure.
- If you are going to register the system with a CipherTrust Manager, see Configuring CTE for Linux with CipherTrust Manager.
Installing the Signed RPM Package with Zypper Package Manager
-
Create the repository file
/etc/zypp/repos.d/Vormetric-VTE.repo
, with the following contents:/etc/zypp/repos.d/Vormetric-VTE.repo
-
Add with the following contents:
[vormetric-vte] name=Vormetric VTE Packages for SLES enabled=1 autorefresh=0 baseurl=https://USER:PASSWORD@packages.vormetric.com/vte/VERSION/SLES_VER type=rpm-md
Where:
-
USER/PASSWD: contact Thales Support to obtain the credential
-
VERSION: CTE release version. Ex: 7.3.0, 7.3.0
-
SLES_VER: SLES release version. Ex: sles12, sles15
-
-
Import public key from the repository:
$ sudo rpm --import https://packages.vormetric.com/pub/PKG-GPG-KEY-vormetric
-
Clean up cached data:
$ sudo zypper clean $ sudo zypper refresh
-
List available versions of the CTE.
$ zypper se --match-exact -t package -s vee-fs
-
Install CTE binary:
$ zypper in vee-fs : download the latest $ zypper in vee-fs=<CTE_VERSION> : download the specific version
-
Follow the prompts to install and register CTE.
For details about the installation and registration process, see the appropriate installation procedure.
- If you are going to register the system with a CipherTrust Manager, see Configuring CTE for Linux with CipherTrust Manager.
Installing the Signed RPM Package Manually
If you want to manually verify the signed version of the CTE RPM package, you can download the public key from the Thales package repository and manually verify the rpm signature.
-
Download the
rpm
file, type:$ wget -c --user USER --password PASSWORD https://packages.vormetric.com/vte/VERSION/REL_VERSION/TARGET_RPM_NAME
Example
$ wget -c --user USER --password PASSWORD https://packages.vormetric.com/vte/7.3.0/sles15/vee-fs-7.5.0-68-sles15-x86_64.rpm
where:
-
REL_VERSION: RHEL release version. Ex: sles12, sles15,
-
USER/PASSWORD: Username/password obtained from Thales Support
-
VERSION: CTE release version. Ex: 7.5.0
-
TARGET_RPM_NAME: Target
rpm
filename to download. Ex: vee-fs-7.5.0-68-sles15-x86_64.rpm
-
-
Import the public key from the Thales package repository:
sudo rpm --import https://packages.vormetric.com/pub/PKG-GPG-KEY-vormetric sudo rpm -qa gpg-pub* gpg-pubkey-628536b7-56f9887b : Imported CTE GPG public key. gpg-pubkey-fd431d51-4ae0493b
-
Verify the signature of the package using the
rpm -Kv
command.sudo rpm -Kv vee-fs-<release>-<build>-<distro>-<architecture>.rpm
Example
sudo rpm -Kv vee-fs-7.5.0-68-sles15-x86_64.rpm
Response
Header V4 DSA/SHA1 Signature, key ID 628536b7: OK Header SHA1 digest: OK (ed3d33dca580c66c70961cfee143e9877a09544c) MD5 digest: OK (95273b36ef1c205a7cea444e14bef15f) V4 DSA/SHA1 Signature, key ID 628536b7: OK The output should show that the keys match is OK.
-
To start the installation using the RPM file, use the following command:
sudo rpm -ivh vee-fs-<release>-<build>-<distro>-<architecture>.rpm
-
Follow the prompts to register CTE.
For details about the installation and registration process, see the appropriate installation procedure.
- If you are going to register the system with a CipherTrust Manager, see Configuring CTE for Linux with CipherTrust Manager.