Server installation - Linux

Installation of the ESET PROTECT Server component on Linux is performed using a command in the Terminal. You can prepare an installation script and then execute it using sudo. Make sure all prerequisites are met before you begin installation.

note

Installation instructions for selected Linux distributions

You can follow our Knowledgebase articles with distribution-specific instructions:

CentOS 7

Debian 10

SUSE Linux Enterprise Server (SLES)

1.Download the ESET PROTECT Server component:

wget https://download.eset.com/com/eset/apps/business/era/server/linux/latest/server-linux-x86_64.sh

2.Make the downloaded file executable:

chmod +x server-linux-x86_64.sh

3.Run the installation script based on the example below (New lines are split by "\" for copying the whole command to Terminal):

sudo ./server-linux-x86_64.sh \
--skip-license \
--db-type="MySQL Server" \
--db-driver="MySQL ODBC 8.0 Driver" \
--db-hostname=127.0.0.1 \
--db-port=3306 \
--db-admin-username=root \
--db-admin-password=password \
--server-root-password=password \
--db-user-username=root \
--db-user-password=password \
--cert-hostname="hostname, IP, FQDN"

You can modify the following attributes:

Attribute

Description

Required

--uninstall

Uninstalls the product.

-

--keep-database

Database will not be removed during uninstallation.

-

--locale

The locale identifier (LCID) of the installed server (default value is en_US). See supported languages for possible options.

note

Note

If you do not specify the --locale, ESET PROTECT Server will be installed in the English language.

After ESET PROTECT installation, you can set a language for each ESET PROTECT Web Console session. Not all elements of the Web Console will change after the language change. Some of the elements (default dashboards, policies, tasks, etc.) are created during the ESET PROTECT installation and their language cannot be changed.

Yes

--skip-license

Installation will not ask the user for license agreement confirmation.

-

--skip-cert

Skip generation of certificates (use with the --server-cert-path parameter).

-

--license-key

ESET license key. This can be set later.

-

--server-port

ESET PROTECT server port (default value is 2222)

-

--console-port

ESET PROTECT console port (default value is 2223)

-

--server-root-password

Password for Web Console login of the user "Administrator", must be at least 8 characters long.

Yes

--db-type

The type of database that will be used (possible values: "MySQL Server", "MS SQL Server"). MS SQL Server on Linux is not supported. However, you can connect the ESET PROTECT Server on Linux to MS SQL Server on Windows.

-

--db-driver

ODBC driver used for connecting to database specified in the odbcinst.ini file (command odbcinst -q -d gives a list of available drivers, use one of these drivers for example: --db-driver="MySQL ODBC 8.0 Driver").

Yes

--db-hostname

Computer name or IP address of the database server. Named database instance is not supported.

Yes

--db-port

Port of the database server (default value is 3306).

Yes

--db-name

Name of ESET PROTECT Server database (default value is era_db).

-

--db-admin-username

Database administrator username (used by installation for creating and modifying database). You can omit this parameter if there is a previously created database user defined in --db-user-username and --db-user-password

Yes

--db-admin-password

Database administrator password. You can omit this parameter if there is a previously created database user defined by --db-user-username and --db-user-password

Yes

--db-user-username

Database ESET PROTECT Server user username (used by ESET PROTECT Server for connecting to database); should be no longer than 16 characters.

Yes

--db-user-password

Database ESET PROTECT Server user password

Yes

--cert-hostname

Contains all the possible names and/or the IP of the computer that ESET PROTECT Server will be installed on. This will need to match with the server name specified in the Agent certificate that tries to connect to the server.

Yes

--server-cert-path

Path to server peer certificate (use this option if you specified --skip-cert as well)

-

--server-cert-password

Password of server peer certificate

-

--agent-cert-password

Password of Agent peer certificate

-

--cert-auth-password

Certificate Authority password

-

--cert-auth-path

Path to the Server's Certificate Authority file

-

--cert-auth-common-name

Certification Authority common name (use "")

-

--cert-organizational-unit

-

-

--cert-organization

-

-

--cert-locality

-

-

--cert-state

-

-

--cert-country

-

-

--cert-validity

Certificate validity in days or years (specify in argument --cert-validity-unit)

-

--cert-validity-unit

Unit for certificate validity, possible values are 'Years' or 'Days' (default value is Years)

-

--ad-server

Active Directory server

-

--ad-user-name

Name of the user who has rights to search the AD network

-

--ad-user-password

Active Directory user password

-

--ad-cdn-include

Active Directory tree path, which will be synchronized for; use empty brackets "" to synchronize a whole tree

-

--enable-imp-program

Turn on the Product improvement program.

-

--disable-imp-program

Turn off the Product improvement program.

-

note

Note

We recommend that you delete commands containing sensitive data (e.g. a password) from the command line history:

1.Run history to see the list of all commands in the history.

2.Run history -d line_number (specify the line number of the command). Alternatively, run history -c to delete the entire command line history.

4.The installation prompts if you want to participate in the Product improvement program. Press Y if you agree to send crash reports and telemetry data to ESET or press N not to send any data.

5.The ESET PROTECT Server and the eraserver service will be installed in the following location:

/opt/eset/RemoteAdministrator/Server

6.After installation, verify that the ESET PROTECT Server service is running using the command shown below:

service eraserver status

component_server_status_linux

Installer log

The installer log may be useful for troubleshooting and can be found in Log files.