Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Getting Started with CTE for Linux

Linux Package Installation

search

Please Note:

Linux Package Installation

This section describes how to access the Linux RPM installation package so that the CTE Agent installation integrates with the distribution software. To access the Linux RPM file, you can:

  • Extract the RPM file from the CTE Agent install bin file. This is the easiest method, but the files in the package are not signed and therefore cannot be verified. For details, see Installing the Unsigned RPM Package.

  • Download the package from the Yum repository. If you use Yum, the files in the package are signed and the signatures are automatically verified when the package is installed. For details, see Installing the Signed RPM Package with Yum.

  • Manually download the RPM package outside of Yum and manually verify the package signatures. For details, see Installing the Signed RPM Package Manually.

caution

Caution

Do not use package installation for SUSE Linux. Instead, use the interactive or silent installation.

copy link to clipboardInstalling the Unsigned RPM Package

The CTE installation bin files contain the unsigned native packages. Extract them by running the bin file with the -e flag.

  1. Log on to the host system as root and copy or mount the installation file to the host system.

  2. Extract the RPM file using the following command:

    ./vee-fs-<release>-<build>-<system>.bin -e

    Example:

    ./vee-fs-7.3.0-135-rh8-x86_64.bin -e

Contents extracted.

ls *rpm

vee-fs-7.3.0-135-rh8-x86_64.rpm

  3. To start the installation using the RPM file, use the following command:

    rpm -ivh vee-fs-7.3.0-135-rh8-x86_64.rpm

  4. Follow the prompts to install and register CTE.

    For details about the installation and registration process, see the appropriate installation procedure.

copy link to clipboardInstalling the Signed RPM Package with Yum

note

Note

Before you can download and install the package using the Yum repository, you must contact Thales Customer Support to get the username and password for the package repository on which the package resides.

  1. Create the repository file, /etc/yum.repos.d/Vormetric-VTE.repo, with the following contents:

    [vormetric-vte]
releasever=REL_VERSION
name=Vormetric VTE Packages $releasever - $basearch – Source
baseurl=https://USER:PASSWORD@packages.vormetric.com/vte/VERSION/rhel-$releasever/
gpgkey=https://packages.vormetric.com/pub/PKG-GPG-KEY-vormetric
enabled=1
gpgcheck=1
repo_gpgcheck=1
sslverify=1

    where:

    • REL_VERSION: Version of RHEL that you are running. This would be rhel-6, rhel-7, or rhel-8.

    • USER:PASSWORD: Username and password for the CTE package repository you obtained from Thales Customer Support.

    • VERSION: CTE release version number. For example, 7.4.0, 7.5.0

  2. Clean up the Yum cache directory:

    yum clean all

  3. Use Yum to install the CTE binary. For example, if the CTE binary name is vee-fs-7.3.0-135-rh8-x86_64, you would enter:

    yum install vee-fs-7.3.0-135-rh8-x86_64
    note

    Note

    The first time you install CTE through Yum, you will be asked to import the GPG key. Make sure that you download this key or the install will fail. For example:

    vormetric-vte/7Server/signature                           |  198 B  00:00:00
Retrieving key from https://packages.vormetric.com/pub/PKG-GPG-KEY-vormetric
Importing GPG key 0x628536B7:
 Userid     : "Vormetric (PKG-GPG-KEY) <support@vormetric.com>"
 Fingerprint: 7cb5 4f55 40d4 1b63 bf91 c896 f00a 13b0 6285 36b7
 From       : https://packages.vormetric.com/pub/PKG-GPG-KEY-vormetric
Is this ok [y/N]: y

  4. Follow the prompts to install and register CTE.

    For details about the installation and registration process, see the appropriate installation procedure.

copy link to clipboardInstalling the Signed RPM Package Manually

If you want to manually verify the signed version of the CTE RPM package, you can download the public key from the Thales package repository and manually verify the rpm signature.

  1. Import the public key from the Thales package repository:

    rpm --import https://packages.vormetric.com/pub/PKG-GPG-KEY-vormetric
rpm -qa gpg-pub*
gpg-pubkey-628536b7-56f9887b    : Imported CTE GPG public key.
gpg-pubkey-fd431d51-4ae0493b

  2. Verify the signature of the package using the rpm -Kv command.

    rpm -Kv vee-fs-7.3.0-135-rh8-x86_64.rpm
vee-fs-7.3.0-135-rh8-x86_64.rpm:
Header V4 DSA/SHA1 Signature, key ID 628536b7: OK
Header SHA1 digest: OK (ed3d33dca580c66c70961cfee143e9877a09544c)
MD5 digest: OK (95273b36ef1c205a7cea444e14bef15f)
V4 DSA/SHA1 Signature, key ID 628536b7: OK

    The output should show that the keys match is OK.

  3. To start the installation using the RPM file, use the following command:

    rpm -ivh vee-fs-7.3.0-135-rh8-x86_64.rpm

  4. Follow the prompts to install and register CTE.

    For details about the installation and registration process, see the appropriate installation procedure.

On this page