Enterprise Recon 2.9.1
Linux Agent
This section covers the following topics:
- Supported Operating Systems
- Install the Node Agent
- Select an Agent Installer
- Install GPG Key for RPM Package Verification
- Configure the Node Agent
- Use Custom Configuration File
- Install RPM in Custom Location
- Restart the Node Agent
- Uninstall the Node Agent
- Upgrade the Node Agent
Supported Operating System
| Environment (Target Category) | Operating System |
|---|---|
| Linux |
|
Linux Operating Systems
Ground Labs supports and tests ER2 for all Linux distributions currently supported by the respective providers.
Prior versions of Linux distributions may continue to work as expected. However, Ground Labs cannot guarantee support for these versions indefinitely.
Install the Node Agent
- Log in to the ER2 Web Console.
- Go to Settings > Agents > Node Agent Downloads.
-
On the Node Agent Downloads page, click on the Filename for your Platform. See Select an Agent Installer for more information.
Save the Node Agent installer on the machine where the Node Agent will be installed. -
(Optional) Verify the checksum of the downloaded Node Agent package file.
- Open a terminal on the machine where the Node Agent will be installed and
run the following commands:
-
For Debian or similar Linux distributions
# Install Linux Agent, where 'er2_2.x.x-linux26-x64.deb' is the location of the deb package on your computer. dpkg -i er2_2.x.x-linux26-x64.deb -
For RPM-based or similar Linux distributions
# Remove existing ER2 packages rpm -e er2
# Install Linux Agent, where 'er2-2.x.x-linux26-rh-x64.rpm' is the location of the rpm package on your computer. rpm -ivh er2-2.x.x-linux26-rh-x64.rpmFrom ER 2.0.21, you can install the Node Agent RPM package in a custom location. See Install RPM in Custom Location below. -
For Linux 3 database runtime Node Agent on an RPM-based or similar Linux distributions
# Remove existing ER2 packages rpm -e er2
# Install the epel-release package yum install epel-release
# Install the required packages yum install libxml2 libgsasl openssl libcurl libuuid protobuf krb5-libs libaio
# Install Linux 3 Agent, where 'er2-2.x.x-linux3-rh-x64_database-runtime.rpm' is the location of the rpm package on your computer. rpm -ivh er2-2.x.x-linux3-rh-x64_database-runtime.rpm -
For Linux 4 database runtime Node Agent on an RPM-based or similar Linux distributions
# Remove existing ER2 packages rpm -e er2
# Install the epel-release package dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
# Install the required packages dnf install libxml2 libgsasl openssl libcurl libuuid protobuf krb5-libs libaio libnsl
# Install the Linux 4 Agent, where 'er2-2.x.x-linux4-rh-x64_database-runtime.rpm' is the location of the rpm package on your computer. rpm -ivh er2-2.x.x-linux4-rh-x64_database-runtime.rpm
-
For more information, see Select an Agent Installer.
Verify Checksum for Node Agent Package File
You can determine the integrity of the downloaded Node Agent package file by verifying the checksum before installing the Node Agent.
- Download the Node Agent package file.
- Run the commands in a terminal to generate the hash value for the Node Agent package file.
-
MD5 hash (128-bit)
# Syntax: md5sum <path to Node Agent package file> md5sum er2-2.x.xx-xxxxxxx-x64.rpm
Example MD5 hash: f65a2cd26570ddb7efb6a2a4318388ac -
SHA1 hash (160-bit)
# Syntax: sha1sum <path to Node Agent package file> sha1sum er2-2.x.xx-xxxxxxx-x64.rpm
Example SHA1 hash: 33bcd6678580ae38a03183e94b4038e72b8f18f4 -
SHA256 hash (256-bit)
# Syntax: sha256sum <path to Node Agent package file> sha256sum er2-2.x.xx-xxxxxxx-x64.rpm
Example SHA256 hash: 1ee094a222f7d9bae9015ab2c4ea37df71000556b3acd2632ee27013844c49da
-
- In the ER2 Web Console, go to the Settings > Agents > Node Agent Downloads page. The Hash column lists the expected hash values for each Node Agent package file.
-
Compare the generated hash values from Step 2 with the expected hash values listed in the Web Console; both hash values should be equal.
If the hash values do not match, check that your network connection is stable, download the Node Agent package again from the Web Console, and verify the checksums again. If the issue still persists, contact Ground Labs Technical Support.
Select an Agent Installer
Select an Agent installer based on the Linux distribution of the host you are installing the Agent on. The following installation packages are available in the Settings > Agents > Node Agent Downloads page:
| Host Operating System | Linux Kernel Version | Debian-based Linux Distributions | RPM-based Linux Distributions |
|---|---|---|---|
| 32-bit | 2.6.x | er2-2.x.xx-linux26-x32.deb | er2-2.x.xx-linux26-x32.rpm |
| 64-bit | 2.6.x | er2-2.x.xx-linux26-x64.deb | er2-2.x.xx-linux26-rh-x64.rpm |
| 64-bit | 3.x | er2-2.x.xx-linux3-x64.deb | er2-2.x.xx-linux3-rh-x64.rpm |
| 64-bit | 4.x | - | er2-2.x.x-linux4-rh-x64.rpm |
- Examples of Debian-based distributions are Debian, Ubuntu, and their derivatives.
- Examples of RPM-based distributions are CentOS, Fedora, openSUSE, RHEL, Red Hat and its derivatives.
Run uname -r in the terminal of the Agent host to display the operating system kernel version.
For example, running uname -r on a CentOS 6.9 (64-bit) host displays 2.6.32-696.16.1.el6.x86_64. This tells us that it is running a 64-bit Linux 2.6 kernel.
Install GPG Key for RPM Package Verification
Node Agent RPM packages are signed with a Ground Labs GPG key.
For instructions on how to import GPG keys, see GPG Keys (RPM Packages).
Configure the Node Agent
After you have installed the Node Agent, configure the Node Agent to:
- Point to the Master Server.
- (Optional) Use the Master Public Key (see Server Information) when connecting to the Master Server.
- (Optional) Specify Target initial group.
- Test the connection settings.
To configure the Node Agent, choose either mode:
- Interactive Mode
- Manual Mode
For the changes to take effect, you must Restart the Node Agent.
Interactive Mode
Running this command helps you to quickly configure the Node Agent:
er2-config -interactive
The interactive mode asks you for the following information to help you configure the Node Agent.
| Interactive Mode Command Prompts | Description |
|---|---|
| Master server host name or IP Address [10.1.100.0] | Specify a Master Server's host name or IP address. For example, 10.1.100.100. |
| (Optional) Master server public key | Enter the Master Public Key.
Get the Master Server public key from the Server Information page.
|
| (Optional) Target initial group | Specify Target initial group. |
| Test connection settings (Y/N) | Test the Node Agent\'s connection settings to the Master Server, enter Y. |
For the changes to take effect, you must Restart the Node Agent.
Manual Mode
To configure the Node Agent without interactive mode, run:
## Required for connecting to the Master Server
# -i <hostname|ip_address>: Master Server IP address or host name.
## Optional parameters
# -t: Tests if the Node Agent can connect to the given host name or IP address.
# -k <master_public_key>: Sets the Master Public Key.
# -g <target_group>: Sets the default Target Group for scan locations added for this Agent.
er2-config -i <hostname|ip_address> [-t] [-k <master_public_key>] [-g <target_group>]
For the changes to take effect, you must Restart the Node Agent.
Use Custom Configuration File
To run the Node Agent using a custom configuration file:
-
Generate a custom configuration file:
# Where 'custom.cfg' is the location of the custom configuration file. # Run the interactive configuration tool. er2-config -c custom.cfg -interactive
# (Optional) Manual configuration. er2-config -i <hostname|ip_address> [-t] [-k <master_server_key>] [-g <target_group>] -c custom.cfg
## Required # -i : MASTER SERVER ip or host name. ## Optional parameters # -t : Tests if NODE AGENT can connect to the given host name or ip address. # -k <master server key> : Sets the Master Public Key. # -g <target group> : Sets the default TARGET GROUP for scan locations added for this AGENT. -
Change the file owner and permissions for the custom configuration file:
chown erecon:erecon custom.cfg chmod 644 custom.cfg - Restart the Node Agent.
-
Start the Node Agent with the custom configuration flag -c:
er2-agent -c custom.cfg -start
To check which configuration file the Node Agent is using:
ps aux | grep er2
# Displays output similar to the following, where 'custom.cfg' is the configuration file used by the 'er2-agent' process:
# erecon 2537 0.0 2.3 32300 5648 ? Ss 14:34 0:00 er2-agent -c custom.cfg -start
Install RPM in Custom Location
To install the Node Agent RPM package in a custom location:
- Download the Node Agent from the Master Server. The Master Server must be version 2.0.21 and above.
-
Install the package in a custom location.
# Syntax: rpm --prefix=<custom_location> -ivh <node_agent_rpm_package> # Install the Node Agent package into the '/opt/er2' directory.
rpm --prefix=/opt/er2 -ivh er2-2.x.xx-xxxxxxx-x64.rpm - Configure the package:
# Configure the Node Agent package. # Run 'er2-config' binary from the custom install location, i.e. '<custom_location>/usr/sbin/er2-config' # Specify the location of the configuration file. The location of the configuration file is '<custom_location>/var/lib/er2/agent.cfg'
/opt/er2/usr/sbin/er2-config -c /opt/er2/var/lib/er2/agent.cfg -interactive - Restart the Node Agent.
Restart the Node Agent
For your configuration settings to take effect, you must restart the Node Agent:
## Run either of these options
# Option 1
/etc/init.d/er2-agent restart
# Option 2
er2-agent -stop # stops the agent
er2-agent -start # starts the agent
Uninstall the Node Agent
To uninstall the Node Agent, run:
# Debian-based Linux distributions
dpkg --remove er2
# RPM-based Linux distributions
rpm -e er2
Upgrade the Node Agent
See Agent Upgrade for more information.