To change the IP address and port of ESET Server Security for Linux Web interface, or add additional addresses on which the Web interface is supposed to be available, click Edit next to Listen addresses and ports. Click Add, type in the proper address and port, click OK and then click Save. Click Save in the Setup screen.
|
|
By default, the web interface is available only from localhost. For access from the internal network or the internet, it is necessary to define a custom IP address explicitly and, if needed, a port.
|
To import a new certificate and corresponding private key, use the Certificate and Private key buttons. If the private key is password protected, type the password into the Private key password field. Click Save in the Setup screen.
|
|
Only PEM format for certificates and private keys is supported.
|
|
|
If you use a self-signed certificate, check its authenticity in the browser before trusting it. We recommend using a properly signed certificate for improved security, especially if the GUI is exposed to the network.
|
Disable and enable the Web interface
If you click the toggle next to Enable web interface and click Save in the Setup screen, you will be logged out immediately and the Web interface will not be available anymore.
You can enable the Web interface again via a Terminal window.
If you complete the installation of ESET Server Security for Linux remotely via ESET PROTECT, the Web interface is not enabled.
If you want to access the Web interface on the specific machine, run the following command from a Terminal window:
sudo /opt/eset/efs/sbin/setgui -gre
|
The final output will show the URL address of the Web interface and the access credentials.
To make the Web interface available at a custom IP address and port, for example, 10.1.184.230:9999, run the following command from a Terminal window:
sudo /opt/eset/efs/sbin/setgui -i 10.1.184.230:9999
|
To enable the Web interface via ESET PROTECT, use the Run Command task to execute the following command:
/opt/eset/efs/sbin/setgui -re --password=<password>
|
where <password> represents the desired password defined by you.
|
|
Ensure that your password meets the following criteria:
•Minimum number of characters: 14
•One lowercase letter
•One uppercase letter
•One number
•One special character |
Available options for the setgui command
Options - short form
|
Options - long form
|
Description
|
-g
|
--gen-password
|
Generate a new password to access the Web interface
|
-p
|
--password=PASSWORD
|
Define a new password to access the Web interface
|
-f
|
--passfile=FILE
|
Set a new password read from a file to access the Web interface
|
-r
|
--gen-cert
|
Generate a new private key and a certificate
|
-a
|
--key-password=PASSWORD
|
Set private key password
|
-l
|
--key-passfile=FILE
|
Set private key password read from file
|
-i
|
--ip-address=IP:PORT
|
Server address (IP and port number)
|
-c
|
--cert=FILE
|
Import certificate
|
-k
|
--key=FILE
|
Import private key
|
-d
|
--disable
|
Disable Web interface
|
-e
|
--enable
|
Enable Web interface
|
|
|
You can enable/disable the Web interface again via ESET PROTECT policy.
1.In ESET PROTECT, click Policies > New policy and type a name for the policy.
2.Click Settings and select ESET Server/File Security for Linux (V7+) from the drop-down menu.
3.Navigate to Tools > Web interface.
4.Click the toggle next to Enable web interface.
5.Optionally, click Set next to Set password to create new password. The new password must fulfill the criteria listed on the screen. Click OK.
6.Optionally, import new Certificate and Private key. If the private key is password protected, type the password into the Private key password field.
7.Click Continue > Assign, select the desired group of computers the policy will apply to.
8.Click OK, then click Finish. |
