Support

Support for business applications

Kaspersky Security Center Cloud Console

Kaspersky applications initial deployment

Preparing a Linux device and installing Network Agent on a Linux device remotely

Kaspersky Security Center Cloud Console
Knowledge Base Online Help
FAQ Free trial Forum Contact support Recovery tools

Preparing a Linux device and installing Network Agent on a Linux device remotely

December 9, 2024

ID 137593

Get as PDF

Network Agent installation comprises two steps:

  • A Linux device preparation
  • Network Agent remote installation

A Linux device preparation

To prepare a device running Linux for remote installation of Network Agent:

  1. Make sure that the following software is installed on the target Linux device:
    • Sudo
    • Perl language interpreter version 5.10 or later
  2. Test the device configuration:
    1. Check whether you can connect to the device through an SSH client (such as PuTTY).

      If you cannot connect to the device, open the /etc/ssh/sshd_config file and make sure that the following settings have the respective values listed below:

      PasswordAuthentication no

      ChallengeResponseAuthentication yes

      Do not modify the /etc/ssh/sshd_config file if you can connect to the device with no issues; otherwise, you may encounter SSH authentication failure when running a remote installation task.

      Save the file (if necessary) and restart the SSH service by using the sudo service ssh restart command.

    2. Disable the sudo password for the user account under which the device is to be connected.
    3. Use the visudo command in sudo to open the sudoers configuration file.

      In the file you have opened, find the line that starts with %sudo (or with %wheel if you are using the CentOS operating system). Under this line, specify the following: <username> ALL = (ALL) NOPASSWD: ALL. In this case, <username> is the user account which is to be used for the device connection using SSH. If you are using the Astra Linux operating system, in the /etc/sudoers file, add the last line with the following text: %astra-admin ALL=(ALL:ALL) NOPASSWD: ALL

    4. Save the sudoers file and then close it.
    5. Connect to the device again through SSH and make sure that the Sudo service does not prompt you to enter a password; you can do this using the sudo whoami command.
  3. Open the /etc/systemd/logind.conf file, and then do one of the following:
    • Specify 'no' as a value for the KillUserProcesses setting: KillUserProcesses=no.
    • For the KillExcludeUsers setting, type the user name of the account under which the remote installation is to be performed, for example, KillExcludeUsers=root.

    If the target device is running Astra Linux, add export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin string in the /home/<username>/.bashrc file, where <username> is the user account which is to be used for the device connection using SSH.

    To apply the changed setting, restart the Linux device or execute the following command:

    $ sudo systemctl restart systemd-logind.service

  4. If you want to install Network Agent on devices with the SUSE Linux Enterprise Server 15 operating system, install the insserv-compat package first to configure Network Agent.
  5. If you want to install Network Agent on devices with the Astra Linux operating system running in the closed software environment mode, perform additional steps to prepare Astra Linux devices.

Network Agent remote installation

To install Network Agent on Linux devices remotely:

  1. Download and create an installation package:
    1. Before installing the package on the device, make sure that it already has all the dependencies (programs and libraries) installed for this package.

      You can view the dependencies for each package on your own, using utilities that are specific for the Linux distribution on which the package is to be installed. For more details about utilities, refer to your operating system documentation.

    2. Download the Network Agent installation package by using the application interface or from the Kaspersky website.
    3. To create a remote installation package, use the following files:
      • klnagent.kpd
      • akinstall.sh
      • .deb or .rpm package of Network Agent
  2. Create a remote installation task with the following settings:
    • On the Settings page of the New task wizard, select the Using operating system resources through Administration Server check box. Clear all other check boxes.
    • On the Selecting an account to run the task page specify the settings of the user account that is used for device connection through SSH.
  3. Run the remote installation task. Use the option for the su command to preserve the environment: -m, -p, --preserve-environment.

');
Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company
Web and device controls. Data encryption. Centralized and convenient management from a single console.
');
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).