Make sure that the device on which you want to install Kaspersky Security Center Linux is running one of the supported Linux distributions.
Use the installation file—ksc64_[version_number]_amd64.deb or ksc64-[version_number].x86_64.rpm—that corresponds to the Linux distribution installed on your device. You receive the installation file by downloading it from the Kaspersky website.
To install Kaspersky Security Center Linux, run the commands provided in the instruction below under an account with root privileges.
To install Kaspersky Security Center Linux:
If your device runs on Astra Linux 1.8 or later, do the actions described in this step. If your device runs on a different OS, proceed to the next step.
Create the /etc/systemd/system/kladminserver_srv.service.d directory and create a file named override.conf with the following content:
Create a group 'kladmins' and an unprivileged account 'ksc'. The account must be a member of the 'kladmins' group. To do this, sequentially run the following commands:
# adduser ksc
# groupadd kladmins
# gpasswd -a ksc kladmins
# usermod -g kladmins ksc
Increase the default limit of files that can be opened (file descriptors) for the accounts used for the function of Administration Server services. To do this, open the /etc/security/limits.conf file, and then specify the soft and hard limits of the file descriptors as follows:
ksc soft nofile 32768
ksc hard nofile 131072
Run the Kaspersky Security Center Linux installation. Depending on your Linux distribution, run one of the following commands:
Read the End User License Agreement (EULA) and the Privacy Policy. The text is displayed in the command line window. Press the space bar to view the next text segment. Then, when prompted, enter the following values:
Enter y if you understand and accept the terms of the EULA. Enter n if you do not accept the terms of the EULA. To use Kaspersky Security Center Linux, you must accept the terms of the EULA.
Enter y if you understand and accept the terms of the Privacy Policy, and you agree that your data will be handled and transmitted (including to third countries) as described in the Privacy Policy. Enter n if you do not accept the terms of the Privacy Policy. To use Kaspersky Security Center Linux, you must accept the terms of the Privacy Policy.
When prompted, enter the following settings:
Enter the Administration Server DNS name or static IP address. That address will be used by other devices to connect to the Administration Server.
Enter the Administration Server SSL port number. By default, port 13000 is used.
Evaluate the approximate number of devices that you intend to manage:
If you have from 1 to 100 networked devices, enter 1.
If you have from 101 to 1000 networked devices, enter 2.
If you have more than 1000 networked devices, enter 3.
Enter the security group name for services. By default, the kladmins group is used.
Enter the account name to start the Administration Server service. The account must be a member of the entered security group. By default, the ksc account is used.
Enter the account name to start other services. The account must be a member of the entered security group. By default, the ksc account is used.
Select the DBMS that you installed to work with Kaspersky Security Center Linux:
If you installed MySQL or MariaDB, enter 1.
If you installed PostgreSQL or Postgres Pro, enter 2.
Enter the DNS name or IP address of the device on which the database is installed. 127.0.0.1 by default for a local DB installation.
Enter the database port number. This port is used to communicate with Administration Server. By default, the following ports are used:
Port 3306 for MySQL or MariaDB
Port 5432 for PostgreSQL or Postgres Pro
Enter the database name.
Enter the login of the database root account that you use to access the database.
Enter the password of the database root account that you use to access the database.
Wait for the services to be added and started automatically:
klnagent_srv
kladminserver_srv
klactprx_srv
klwebsrv_srv
Create an account that will act as an Administration Server administrator. Enter the user name and password. You can use the following command to create a new user: /opt/kaspersky/ksc64/sbin/kladduser -n ksc -p <password>
The password must comply with the following rules:
The user password cannot have less than 8 or more than 256 characters.
The password must contain characters from at least three of the groups listed below: