User Guides
CTE-U Quick Start Guide
- Terminology and Components
- Install and Configure CTE-U with CipherTrust Manager
  - Installation Prerequisites
  - Installation and Registration
  - Verifying Package Signatures
  - Setting the SE Linux state
- Guarding with CTE-U and CipherTrust Manager
  - Access the CipherTrust Manager Domain
  - Create an Encryption Key
  - Guarding CTE files with CTE-U
- Exporting GuardPoints over NFS
- Migrating CTE Agents to CTE-U
- Multifactor Authentication for CTE-U
  - Introduction to Multifactor Authentication
  - Using [CTE-U,MFA]
  - Use Cases for MFA on CTE
  - Exempting some users from authentication with a Whitelist
  - Setting up Multifactor Authentication with a One-Time-Password
  - Setting up Multifactor Authentication with an Inactivity Time Out
  - Administrator Tasks for Multifactor Authentication
  - Troubleshooting Multifactor Authentication
CTE-U Health Manager Utility
- Performing Health Check
- Using the Monitor
- Service Commands
- Viewing the Service Status
- Gathering the Technical Dump
- Troubleshooting/ Debugging CTE-U
CTE-U Agent Advanced Configuration Guide for Linux
- CTE-U Overview
- Getting Started
  - Configuring CTE-U with CipherTrust Manager
- Enhanced Encryption Mode
- CTE with systemd
  - CTE Agent Control Changes on systemd
- Utilities
  - CTE-U Linux Authentication and Client Settings
  - Individual GuardPoint Tuning
  - Secfsd Utility
- Upgrading CTE-U on Linux
- Uninstalling CTE-U from Linux
Using FreeBSD with CTE-U
- FreeBSD Jail
- Install CTE-U Dependencies
- FreeBSD Services
- Upgrade CTE-U Packages
- Remove CTE-U Packages
- Unsupported Features for CTE-U with FreeBSD

Secfsd Utility

The secfsd utility displays the following attributes of CTE-U:

GuardPoints defined in the GuardPoints
Authentication parameters defined in the Client Settings tab
Lock status set by enabling FS Agent Locked and System Locked
Web destination and SSL certificate for uploading log entries
Policies applied in the GuardPoints tab
Status of required processes (secfsd and vmd)
Version of secfs

The secfsd utility is also used to mount GuardPoints for Directory (Manual Guard). Normally, CTE-U automatically mounts the secfs file system when you apply a GuardPoint to a directory. On Linux, the secfsd utility is located in <install_dir>/secfs/.sec/bin and a symbolic link to this file is placed in /usr/bin/secfsd.

secfsd syntax

Command	Description
`-help`	display `secfsd` options

Status Options

Command	Description
`-status guard [-v \| -tree]`	list all GuardPoints
`-status auth`	list authentication settings
`-status logger`	list logging details
`-status lockstat`	show status of system and agent lock
`-status policy`	list configured policies

Manual GuardPoint options

Command	Description
`-guard path`	manually guard path
`-unguard path`	manually unguard path
`-restart path`	restarts a crashed GuardPoint

Version option

Command	Description
`-version`	list version

Suggest A Change

Secfsd Utility

secfsd syntax

On this page