Installing Kaspersky Security Center Linux

This procedure describes how to install Kaspersky Security Center Linux.

Before installation:

• Install a DBMS.
• Make sure that the device on which you want to install Kaspersky Security Center Linux is running one of the supported Linux distributions.

Use the installation file—ksc64_[version_number]_amd64.deb or ksc64-[version_number].x86_64.rpm—that corresponds to the Linux distribution installed on your device. You receive the installation file by downloading it from the Kaspersky website.

To install Kaspersky Security Center Linux, run the commands provided in the instruction below under an account with root privileges.

To install Kaspersky Security Center Linux:

1. If your device runs on Astra Linux 1.8 or later, do the actions described in this step. If your device runs on a different OS, proceed to the next step.
   1. Create the /etc/systemd/system/kladminserver_srv.service.d directory and create a file named override.conf with the following content:

      [Service]

      User=

      User=ksc

      CapabilitiesParsec=PARSEC_CAP_PRIV_SOCK

      ExecStart=

      ExecStart=/opt/kaspersky/ksc64/sbin/klserver -d from_wd

   2. Create a directory /etc/systemd/system/klwebsrv_srv.service.d and create a file named override.conf with the following content:

      [Service]

      User=

      User=ksc

      CapabilitiesParsec=PARSEC_CAP_PRIV_SOCK

      ExecStart=

      ExecStart=/opt/kaspersky/ksc64/sbin/klcsweb -d from_wd

2. Create a group 'kladmins' and an unprivileged account 'ksc'. The account must be a member of the 'kladmins' group. To do this, sequentially run the following commands:

   # adduser ksc

   # groupadd kladmins

   # gpasswd -a ksc kladmins

   # usermod -g kladmins ksc

3. Run the Kaspersky Security Center Linux installation. Depending on your Linux distribution, run one of the following commands:
   • # apt install /<path>/ksc64_[version_number]_amd64.deb
   • # yum install /<path>/ksc64-[version_number].x86_64.rpm -y
4. Run the Kaspersky Security Center Linux configuration:

   # /opt/kaspersky/ksc64/lib/bin/setup/postinstall.pl

5. Read the End User License Agreement (EULA) and the Privacy Policy. The text is displayed in the command line window. Press the space bar to view the next text segment. Then, when prompted, enter the following values:
   1. Enter y if you understand and accept the terms of the EULA. Enter n if you do not accept the terms of the EULA. To use Kaspersky Security Center Linux, you must accept the terms of the EULA.
   2. Enter y if you understand and accept the terms of the Privacy Policy, and you agree that your data will be handled and transmitted (including to third countries) as described in the Privacy Policy. Enter n if you do not accept the terms of the Privacy Policy. To use Kaspersky Security Center Linux, you must accept the terms of the Privacy Policy.
6. When prompted, enter the following settings:
   1. Enter the Administration Server DNS name or static IP address. 127.0.0.1 for a local DB installation.
   2. Enter the Administration Server SSL port number. By default, port 13000 is used.
   3. Evaluate the approximate number of devices that you intend to manage:
      • If you have from 1 to 100 networked devices, enter 1.
      • If you have from 101 to 1000 networked devices, enter 2.
      • If you have more than 1000 networked devices, enter 3.
   4. Enter the security group name for services. By default, the kladmins group is used.
   5. Enter the account name to start the Administration Server service. The account must be a member of the entered security group. By default, the ksc account is used.
   6. Enter the account name to start other services. The account must be a member of the entered security group. By default, the ksc account is used.
   7. Select the DBMS that you installed to work with Kaspersky Security Center Linux:
      • If you installed MySQL or MariaDB, enter 1.
      • If you installed PostgreSQL or Postgres Pro, enter 2.
   8. Enter the DNS name or IP address of the device on which the database is installed. 127.0.0.1 for a local DB installation.
   9. Enter the database port number. This port is used to communicate with Administration Server. By default, the following ports are used:
      • Port 3306 for MySQL or MariaDB
      • Port 5432 for PostgreSQL or Postgres Pro
   10. Enter the database name.
   11. Enter the login of the database root account that you use to access the database.
   12. Enter the password of the database root account that you use to access the database.

       Wait for the services to be added and started automatically:

       • klnagent_srv
       • kladminserver_srv
       • klactprx_srv
       • klwebsrv_srv
   13. Create an account that will act as an Administration Server administrator. Enter the user name and password. You can use the following command to create a new user: /opt/kaspersky/ksc64/sbin/kladduser -n ksc -p <password>

       The password must comply with the following rules:

       • The user password cannot have less than 8 or more than 16 characters.
       • The password must contain characters from at least three of the groups listed below:
         • Uppercase letters (A-Z)
         • Lowercase letters (a-z)
         • Numbers (0-9)
         • Special characters (@ # $ % ^ & * - _ ! + = [ ] { } | : ' , . ? / \ ` ~ " ( ) ;)

The user is added and Kaspersky Security Center Linux is installed.

Service verification

Use the following commands to check whether or not a service is running:

• # systemctl status klnagent_srv.service
• # systemctl status kladminserver_srv.service
• # systemctl status klactprx_srv.service
• # systemctl status klwebsrv_srv.service