Linux Package Installation for SLES

This section describes how to access the Linux RPM installation package so that the CTE Agent installation integrates with the distribution software. To access the Linux RPM file, you can:

• Extract the RPM file from the CTE Agent install bin file. This is the easiest method, but the files in the package are not signed and therefore cannot be verified. For details, see Installing the Unsigned RPM Package.

• Download the package from the RPM repository. If you use Zypper Package Manager, the files in the package are signed and the signatures are automatically verified when the package is installed. For details, see Installing the Signed RPM Package with Zypper.

• Manually download the RPM package outside of Zypper and manually verify the package signatures. For details, see Installing the Signed RPM Package Manually.

Prerequisites

Before you can download and install the package using the Zypper repository, you must contact Thales Support to get the username and password for the package repository on which the package resides.

Installing the Unsigned RPM Package

The CTE installation bin files contain the unsigned native packages. Extract them by running the bin file with the -e flag.

1. Log on to the host system as root and copy or mount the installation file to the host system.

2. Extract the RPM file using the following command:

   ./vee-fs-<release>-<build>-<distro>-<architecture>.bin -e
   

   Example

   ./vee-fs-7.5.0-68-sles15-x86_64.bin -e
   

   Response

   Contents extracted.
   

3. Verify that the package extracted correctly:

   ls *rpm
   

   Example Response

   vee-fs-7.5.0-68-sles15-x86_64.rpm
   

4. To start the installation using the RPM file, use the following command:

   sudo rpm -ivh vee-fs-<release>-<distro>-x86_64.rpm
   

5. Follow the prompts to install and register CTE.

   For details about the installation and registration process, see the appropriate installation procedure.

   • If you are going to register the system with a CipherTrust Manager, see Configuring CTE for Linux with CipherTrust Manager.

Installing the Signed RPM Package with Zypper Package Manager

1. Create the repository file /etc/zypp/repos.d/Vormetric-VTE.repo, with the following contents:

   /etc/zypp/repos.d/Vormetric-VTE.repo
   

2. Add with the following contents:

   [vormetric-vte]
   
   name=Vormetric VTE Packages for SLES
   
   enabled=1
   
   autorefresh=0
   
   baseurl=https://USER:PASSWORD@packages.vormetric.com/vte/VERSION/SLES_VER
   
   type=rpm-md
   

   Where:

   • USER/PASSWD: contact Thales Support to obtain the credential

   • VERSION: CTE release version. Ex: 7.3.0, 7.4.0

   • SLES_VER: SLES release version. Ex: sles12, sles15

3. Import public key from the repository:

   $ sudo rpm --import https://packages.vormetric.com/pub/PKG-GPG-KEY-vormetric
   

4. Clean up cached data:

   $ sudo zypper clean
   
   $ sudo zypper refresh
   

5. List available versions of the CTE.

   $ zypper se --match-exact -t package -s vee-fs
   

6. Install CTE binary:

   $ zypper in vee-fs                    : download the latest
   
   $ zypper in vee-fs=<CTE_VERSION>      : download the specific version
   

7. Follow the prompts to install and register CTE.

   For details about the installation and registration process, see the appropriate installation procedure.

   • If you are going to register the system with a CipherTrust Manager, see Configuring CTE for Linux with CipherTrust Manager.

Installing the Signed RPM Package Manually

If you want to manually verify the signed version of the CTE RPM package, you can download the public key from the Thales package repository and manually verify the rpm signature.

1. Download the rpm file, type:

   $  wget -c --user USER --password PASSWORD  https://packages.vormetric.com/vte/VERSION/REL_VERSION/TARGET_RPM_NAME
   

   Example

   $  wget -c --user USER --password PASSWORD  https://packages.vormetric.com/vte/7.4.0/sles15/vee-fs-7.5.0-68-sles15-x86_64.rpm
   

   where:

   • REL_VERSION: RHEL release version. Ex: sles12, sles15,

   • USER/PASSWORD: Username/password obtained from Thales Support

   • VERSION: CTE release version. Ex: 7.5.0

   • TARGET_RPM_NAME: Target rpm filename to download. Ex: vee-fs-7.5.0-68-sles15-x86_64.rpm

2. Import the public key from the Thales package repository:

       sudo rpm --import https://packages.vormetric.com/pub/PKG-GPG-KEY-vormetric
       sudo rpm -qa gpg-pub*
       gpg-pubkey-628536b7-56f9887b    : Imported CTE GPG public key.
       gpg-pubkey-fd431d51-4ae0493b
   

3. Verify the signature of the package using the rpm -Kv command.

           sudo rpm -Kv vee-fs-<release>-<build>-<distro>-<architecture>.rpm
   

   Example

           sudo rpm -Kv vee-fs-7.5.0-68-sles15-x86_64.rpm
   

   Response

           Header V4 DSA/SHA1 Signature, key ID 628536b7: OK
   
           Header SHA1 digest: OK (ed3d33dca580c66c70961cfee143e9877a09544c)
   
           MD5 digest: OK (95273b36ef1c205a7cea444e14bef15f)
   
           V4 DSA/SHA1 Signature, key ID 628536b7: OK
   
           The output should show that the keys match is OK.
   

4. To start the installation using the RPM file, use the following command:

   sudo rpm -ivh vee-fs-<release>-<build>-<distro>-<architecture>.rpm
   

5. Follow the prompts to register CTE.

   For details about the installation and registration process, see the appropriate installation procedure.

   • If you are going to register the system with a CipherTrust Manager, see Configuring CTE for Linux with CipherTrust Manager.