Skip to content

Linux

Procedure to install:

HySecure Linux Client and required configuration is below:

For root user:

For Ubuntu Client 6.1.6:

Copy and extract the file to the end user machine.

Run the install script through open terminal.

./install.sh (go to the path where you have copied file)

It will ask for password.

Logout and login again.

For Ubuntu Client 6.1.7:

Install Deb file using following command:

sudo dpkg -i

After successful installation, you must have to signoff and sign in into Linux machine for take effect.

For Standard user:

As of now, installation for standard user is not supported.

Installation

Which operating systems are supported by Accops HySecure client?

Accops HySecure Linux Client support following Linux Operating Systems:

-Ubuntu-16.04.3 LTS (64-Bit)

-Ubuntu-18.04.3 LTS (64-Bit)

Is admin/root Privileges is required for HySecure Linux client Installation?

Yes. must require admin/root(sudo) user privileges for HySecure Client Installation.

-Not able to install HySecure Linux Client Without root user privileges.

Is Internet access is required for HySecure Linux client Installation?

Yes. Internet access is required for HySecure Linux Client Installation.

-If internet is not available on Linux machine then some packages (like xfreerdp, iptables, etc) will not get installed and hamper with functionality of Accops HySecure client.

Is there separate client setup for 32-bit and 64-bit Linux Operating Systems?

As of now its supports only 64-Bit Operating Systems (Ubuntu-16-04.3 LTS & Ubuntu-18.04.3 LTS).

How to Install HySecure Linux Client on Linux Operating Systems?

Download the Client Setup on local directory which is in “tar.gz” format.

  • Open Linux “Terminal” and go to the client setup location.

  • Extract the client setup using below command:

#tar -xvf client_setup.tar.gz

  • After extract the client setup you will get “Installer” folder.

  • Internet Access must be required for HySecure Linux Client installation.

  • Then Run “install.sh” script using root user privileges as below:

#sudo ./install.sh

  • Then Press the Enter Key

  • After successful installation, you must have to signoff and sign in into Linux machine for take effect.

How to verify HySecure Linux Client got installed Successfully on Linux OS?

User can check if client is installed on machine successfully with the command:

  • Systemctl status uac_manager.service

If above service is running, it means HySecure Linux Client is installed successfully.

  • User can also check file in

- /opt/accops/hysecure

- /etc/system/system/uac_manager.service

- /var/lib/accops/hysecure

What happens when user get error ‘dpkg status database is locked in another process’ while installing HySecure Linux Client?

In this case, most likely some other software is using system apt subsystem for installation. If you are not installing anything, then probably system update is running and trying to install updates. To skip this and proceed with installation, perform the following command:

- Ps -ax | grep “apt”

- Check for entries matching apt.systemd.daily, find PID and kill using

Sudo kill -9 \<pid>

After installation is there anything that needs to be done?

User has to logout and login again after the client is installed.

What happens when user get ‘Failed to fetch archives’ while installing HySecure Linux Client?

In this case, make sure, internet is connected and if your machine is connected to a proxy, then you are logged in to that proxy server.

The perform the steps again:

- Sudo apt-get install -f

- Sudo dpkg -i accopshysecure543.deb

What happens when user get error ‘Error while processing package accopshysecure’ while installing HySecure Linux Client?

For this, after this command perform the following command

- Sudo apt-get install -f

Once this command succeeds, perform the install command again:

- Sudo dpkg -I accopshysecure543.deb

General

Is admin/root privileges required to stop “uac_manager.service”?

Yes, to stop uac_manager_service the admin/root privileges are required. Command to stop uac_manager.service :

  • Systemctl stop uac_manager.service

Can User access HySecure Linux Client over lan and internet?

Yes.

Where is “uac_manager.service” service location?

uac_manager.service location: /etc/systemd/system/uac_manager.service

Where is HySecure Linux Client UAC log location?

Log location: /var/log/accops/hysecure/uac.log,

-/var/log/accops/hysecure/shim.log (only applicable when not using host file).

How to verify captured device details with HySecure Linux Client?

Device ID details will appear in management console.

What is Installation directory for HySecure Linux Client on Linux OS?

Installation directory: /opt/accops/hysecure

What happens when root user stops “uac_manager” service?

When user open Accops HySecure Linux Client then it will give prompt as “Hysecure client services not running. Press OK to try again”. uac_manager.service get stopped but won’t start automatically. Root user must start manually by following command:

  • Systemctl start uac_manager.service

What happens if normal user kills “uac_launcher” process?

Normal user won’t be able to kill uac_launcher. To kill uac_manager.service, admin/root user is required.

To kill the uac_manager.service:

  • kill -9 PID (pid can get from uac_manager.service status)

Can normal user start /stop and check the status of uac_manger.service?

No, normal user can’t start/stop uac_manager.service but can check status.

How much max time to start uac_manager.service if it get killed?

If user kill uac_manager.service, then it will start within 5 seconds. This process is handled by system only.

How can verify stopped status time?

User must give following command:

  • Systemctl status uac_manager.service.

In output of above command there is inactive since ‘time’

How to verify accessed application traffic is going through HySecure Gateway?

User can check activity logs in gateway.

‘or’

  • Open putty.

  • Type command –> tcpdump -I eth0 host ‘IP’ and port 443

Is there any preference setting in HySecure Linux Client?

No. As of now there is no preference setting in HySecure Linux Client.

What happened when user tries to login without fetching realm?

Incorrect username and password prompt while display. As user must first select gateway and then login.

Can user see logs directly from HySecure Linux Client?

No user can’t see logs directly from HySecure Linux Client.

Can one user see logs of another user’s log?

Yes, one user can see another user’s log.

What is the size of log file?

The size of log is 5MB. When log file size becomes 5mb then it will clear and start creating new.

What time stamp details does uac_manager.service provides?

It provides details of last started and stopped uac_manager.services of system.

Where is the uac_manager.service file located?

The path of uac_manager.service file is /etc/systemd/system/uac_manager.service

What is the path of uac_launcher?

The path of uac_launcher is /opt/accops/hysecure/uac_launcher.

What unit parameters does uac_manager.service file contain?

The file contains:

  • Description=HySecure client service

  • After=network.target

  • StartLimitIntervalSec=3

  • StartLimitBurst=999

What service parameters does uac_manager.service file contain?

The file contains:

  • Type=simple

  • Restart=always

  • RestartSec=4

  • User=root

  • ExecStart=/opt/accops/hysecure/uac_launcher

What install parameter does uac_manager.service file contain?

The file contains:

  • WantedBy=multi-user.target

Where is the user’s information is saved?

The information of user is saved hys.conf and hysp.conf file.

What is the path of conf file where user’s information is saved?

he path of user’s information is saved:

/var/lib/accops/hysecure

What is the difference between hys.conf and hysp.conf?

The difference between hys.conf and hysp.conf is:

  • Hys.conf: This file store user’s information in encrypted format.

  • Hysp.conf: This file also stores some information of user in plain format.

What are the parameters does hysp.conf file contains?

The following parameters of hysp.conf file contains:

  • AUTOLOGIN= true/false

  • INTERNET_BLOCK=true/false

  • LINUXFORCEUPDATE= (path of updater file)

  • LINUXUPDATEVERSION= (the version of update)

  • UAC_STATUS=true/false

What tag should be specified for denying HySecure Linux Client to add entry in host file while logging in?

The tag for not adding entry in host file is: DONOTUSEHOSTFILE=true

Where should be the above tag specified at?

The steps to give tag are as follows:

  • Open Putty.

  • Cd /home/fes/public

  • Vi verinfo.js

-DONOTUSEHOSTFILE=true

Can the server IP be changed after client logout when entry is present in verinfo.js file?

No user won’t be able to change server address when logout from client.

What tag must be specified in verinfo.js file to make the user login with a default server IP?

The steps to give tag are as follows:

  • Open Putty.

  • Cd /home/fes/public

  • Vi verinfo.js

-DONOTCHANGEGATEWAYADDRESS=true

Is there any dependency of alternate gateway with the above list?

Yes, if user won’t set DONOTCHANGEGATEWAYADDRESS = true then it will not give alternate gateway list.

Does HySecure Linux Client support Device ID?

Yes, HySecure Linux Client support device ID.

Which parameters does HySecure Linux Client support in device ID?

The following parameter of HySecure Linux Client support in device ID are as follows:

  • NIC Manufacturer

  • Hard disk

  • CPU ID

  • Mother board

  • Locale

  • Regional Settings

  • Time Zone

  • Default Gateway

  • Hostname

  • MAC list

What is the path of client upgrade?

To check the client upgrade, the following steps are as follows:

  1. Open Terminal in ubuntu machine.

  2. Cd /tmp/

- update.tar.gz

- accopsupdate

The above file will display when client get upgrade.

What does the files update.tar.gz and accopsupdate represent in /tmp?

The following detail of file are as follows:

  1. update.tar.gz: - compressed update data.

  2. Accopsupdate: - folder in which the update is decompressed.

Does HySecure Linux Client support Endpoint protection?

Yes, HySecure Linux Client support Endpoint protection.

Which parameter does Endpoint protection support?

Two parameter of Endpoint protection is supported in HySecure Linux client which are:

  1. MAC Address

  2. IP Address

What type of application does HySecure Linux Client support?

The type of application is supported by HySecure Linux Client, which are as follows:
SR. No. Application Support IP Address support Hostname support
1 HTTP YES Yes YES
2 HTTPS YES Yes YES
3 Network YES Yes NA
4 RDP application without SSO YES Yes YES
5 RDP application with SSO YES Yes YES
6 RDP application with SSO with HySecure Login Credentials YES Yes YES
7 VNC YES Yes NA
8 SSH YES Yes YES
9 Other YES Yes YES

Upgrade

How to upgrade HySecure Linux Client from HySecure Gateway?

The following steps as follows:

  • Open Putty.

  • Cd /home/fes/public

  • Vi verinfo.js

- LINUXUPDATEVERSION=527
- LINUXUPDATEPATH=https://172.16.1.191/fes-bin/public/527.tar.gz

What is the tag for upgrade of HySecure Linux Client?

The tag to upgrade HySecure Linux Client:

  • LINUXUPDATEVERSION=527

  • LINUXUPDATEPATH=https://172.16.1.191/fes-bin/public/527.tar.gz

Can HySecure Linux Client upgrade forcefully?

Yes, HySecure Linux Client can upgrade forcefully by following steps:

  • Open Putty.

  • Cd /home/fes/public

  • Vi verinfo.js

  • LINUXUPDATEVERSION=527
  • LINUXFORCEUPDATE=true

What is the path of updater?

The path of updater is: /opt/accops/updater/uac_updater

Uninstall

How to Uninstall HySecure Linux Client from Linux OS through shell script?

The steps for uninstallation of HySecure Linux Client are as follows:

  • Go to the directory where the file is saved on end user’s machine.

  • Run the script: sudo ./uninstall.sh

  • It will ask for password.

  • Logout and login again.

How to uninstall HySecure Linux Client from Linux OS through Debian file?

The steps for uninstallation of HySecure Linux Client are as follows:

  • Go to the directory where the file is saved on end user’s machine.

  • Run the command: sudo apt-get purge accopshysecure

  • It will ask for password.

  • Logout and login again.

Is uninstallation of HySecure Linux Client is password protected?

No. As of now, it will ask for root user password.

Can normal user uninstall HySecure Linux Client?

No, only root user can uninstall HySecure Linux Client.

How to verify HySecure Linux has been successfully uninstalled?

User can search Client in his computer.

‘or’

  • Open Terminal.

  • Type the following command:

Systemctl status uac_manager.services

If user wont, get any output then it means HySecure Linux Client is not available.

‘or’

  • User can also check file in

- /opt/accops/hysecure

- /etc/system/system/uac_manager.service

- /var/lib/accops/hysecure

The above file should not be present.