Skip to main content
Version: Axidian Privilege 2.10

Access Server (SSH Proxy)

caution

Before you begin the installation, prepare the configuration files.

Inventory

  1. Go to the axidian-pam-linux distribution folder and rename the inventory.template file to inventory.
  2. Edit the inventory file:
    1. In the access section, specify the FQDN addresses of the access servers
    2. For all of the servers except the local one, add the following line: remote_user=root ansible_password=123 ansible_become_password=123
      1. remote_user=root — username for remote connection to the resource
      2. ansible_password=123 — user password for remote connection to the resource
      3. ansible_become_password=123 — user password for remote connection to the resource
    3. Comment out all fields that have not been changed and save.
/client-dist/inventory file contents
# NOTE: To access docker host use local.docker name instead of localhost

#[management] 
#MANAGEMENT_SERVER_FQDN_OR_IP  

[access]
pamgtw1.test.local
pamgtw2.test.local remote_user=root ansible_password=123 ansible_become_password=123

#[haproxy]
#HAPROXY_SERVER_FQDN_OR_IP

#[rds]
#RDS_SERVER_FQDN_OR_IP

# Use this section to override vars
#[all:vars]
#server_fqdn=OVERRIDE_SERVER_FQDN

Configuration Files

Unzip the downloaded configuration files and move the ssh-proxy and rdp-proxy folders to axidian-pam-linux\state.

Installation

  1. Move  the distribution to the target Linux resource.
  2. Run the installation script with the command: 
    sudo bash run-deploy.sh
  3. When prompted, enter your local sudo user name (for example, root) and password.
  4. Wait for the installation to finish.
info

If the script aborted with an error, send the log file to technical support.

Certification Authority Certificate

  1. Add the downloaded CA certificate in .crt format along the path /etc/axidian/axidian-privilege/ca-certificates.

  2. Go to the /etc/axidian/axidian-privilege folder.

  3. Restart Axidian Privilege access server components using the following commands:

    sudo docker compose -f docker-compose.access-server.yml down
    sudo docker compose -f docker-compose.access-server.yml up -d

    or

    sudo docker-compose -f docker-compose.access-server.yml down
    sudo docker-compose -f docker-compose.access-server.yml up -d