[KB7907] Install ESET PROTECT On-Prem on Debian 10

Issue

  • You are using Debian Linux version 10, and you need to install ESET PROTECT On-Prem

Details


Click to expand

This article describes the installation process on Debian 10 as installed from the official small installation image. If you already have some software installed, the installation process might differ.


Solution

  1. Prerequisites
  2. Install the MySQL database
  3. Install ODBC connector
  4. Install the required tools
  5. Install the server component of ESET PROTECT On-Prem
  6. Install the Web Console
  7. Install the ESET Management Agent
  8. Optional: Remove redundant files

I. Prerequisites

  1. Verify your internet connection. If you have a problem with your connection, use the following command to list the available network devices.
nmcli d
  1. To connect to the network, use the command nmtui.
  1. Install Linux tool nano wget.
sudo apt-get install nano wget

II. Install the MySQL database

  1. Download the MySQL repository file.
wget https://dev.mysql.com/get/Downloads/MySQL-8.0/mysql-server_8.0.23-1debian10_amd64.deb-bundle.tar
  1. Extract the MySQL repository.
tar -xvf mysql-server_8.0.23-1debian10_amd64.deb-bundle.tar
  1. Install the MySQL prerequisites.
sudo apt-get install libaio1 libmecab2
  1. Preconfigure the MySQL server.
sudo dpkg-preconfigure mysql-community-server_8.0.23-1debian10_amd64.deb
  1. Install the MySQL server.
sudo dpkg -i mysql-{common,community-client-plugins,community-client-core,community-client,client,community-server-core,community-server,server}_8.0.23-1debian10_amd64.deb
  1. After the server is installed, open the MySQL configuration file.
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
  1. Add the following lines to the mysqld section:
max_allowed_packet=33M
log_bin_trust_function_creators=1
innodb_log_file_size=150M
innodb_log_files_in_group=2
  1. Save the changes. Press CTRL + X and press Y to confirm.

  2. Restart the MySQL service.
sudo systemctl restart mysql
  1. Verify that the MySQL service is running.
sudo systemctl status mysql

III. Install ODBC connector

  1. Install unixODBC drivers.
sudo apt-get install unixodbc
  1. Download the ODBC file. Do not install using the APT, as this will install the latest version.
wget https://downloads.mysql.com/archives/get/p/10/file/mysql-connector-odbc-8.0.17-linux-debian10-x86-64bit.tar.gz
  1. Unzip the ODBC driver archive.
gunzip mysql-connector-odbc-8.0.17-linux-debian10-x86-64bit.tar.gz
  1. Extract the ODBC driver.
tar -xvf mysql-connector-odbc-8.0.17-linux-debian10-x86-64bit.tar
  1. Navigate to the ODBC driver folder.
cd mysql-connector-odbc-8.0.17-linux-debian10-x86-64bit
  1. Copy ODBC driver files.
sudo cp bin/* /usr/local/bin
sudo cp lib/* /usr/local/lib
  1. Set up the ODBC driver.
sudo myodbc-installer -a -d -n "MySQL ODBC 8.0 Driver" -t "Driver=/usr/local/lib/libmyodbc8w.so"
sudo myodbc-installer -a -d -n "MySQL ODBC 8.0" -t "Driver=/usr/local/lib/libmyodbc8a.so"
  1. List the installed drivers.
sudo myodbc-installer -d -l

IV. Install the required tools

  1. Update your OpenSSL.
sudo apt-get install openssl
  1. Install Xvfb.
sudo apt-get install xvfb
  1. Install Cifs-utils.
sudo apt-get install cifs-utils
  1. Install QtWebKit.
sudo apt-get install libqtwebkit4
  1. Install Kerberos.
sudo apt-get install krb5-user
  1. Install LDAP Search.
sudo apt-get install ldap-utils
  1. Install SNMP.
sudo apt-get install snmp

V. Install the Server component of ESET PROTECT On-Prem

  1. Download the ESET PROTECT Server installer.
wget https://download.eset.com/com/eset/apps/business/era/server/linux/latest/server-linux-x86_64.sh
  1. Configure the server installation file set as an executable.
chmod +x server-linux-x86_64.sh
  1. Create the temporary installer script.
touch server_installer.sh
  1. Open the temporary script and paste the following code:
sudo ./server-linux-x86_64.sh \
--skip-license \
--db-type="MySQL Server" \
--db-driver="MySQL ODBC 8.0 Driver" \
--db-hostname=localhost \
--db-port=3306 \
--db-admin-username=root \
--db-admin-password=password from step II.4. \
--server-root-password=password \
--db-user-username=erauser \
--db-user-password=strong complex password \
--cert-hostname="hostname, IP, FQDN"
  1. Update the hostname and IP address in the file to fit your installation. Use the IP address that agent machines will use to reach the Server machine. Make sure to set up a complex db-user-password. A weak password will cause the installation to fail.

  2. Run the installer script.
sudo sh server_installer.sh
  1. Verify that the ESET PROTECT Server service is running.
sudo systemctl status eraserver

VI. Install the Web Console

  1. Install JDK.
sudo apt-get install openjdk-11-jdk
  1. Verify the installed version of JDK.
java -version
  1. Install Tomcat.
sudo apt-get install tomcat9
  1. Verify that the Tomcat service is running.
sudo systemctl status tomcat9
  1. Download the Web Console.
wget https://download.eset.com/com/eset/apps/business/era/webconsole/latest/era.war
  1. Copy the Web Console file to the Tomcat folder.
sudo cp era.war /var/lib/tomcat9/webapps/
  1. Restart the Tomcat service to deploy the era.war file.
sudo systemctl restart tomcat9
  1. Verify the era folder is present in the Tomcat folder. 
ls /var/lib/tomcat9/webapps

The output should look as follows:

era era.war
  1. You can now connect the Web Console to other machines. For example, try the following:
http://localhost:8080/era

The ESET PROTECT Server is deployed where localhost is replaced by the IP address of your machine.

Continue to the next section if you can open the ESET PROTECT Web Console and log in with Administrator credentials (the password was set in the installer script as db-user-username).

The connection to the Web Console is now available only via HTTP. You can set up a new HTTPS connection.


VII. Install the ESET Management Agent

  1. Download the Agent installer.
wget https://download.eset.com/com/eset/apps/business/era/agent/latest/agent-linux-x86_64.sh
  1. Set the installer as executable.
chmod +x agent-linux-x86_64.sh
  1. Create temporary agent_installer.sh script.
touch agent_installer.sh
  1. For a server-assisted installation, open the temporary script and use the following code:
Replace hostname and password
  • The hostname is the IP or hostname of the ESET PROTECT Server machine
  • The Web Console password is the password you use to log in to ESET PROTECT Web Console
sudo ./agent-linux-x86_64.sh \
--skip-license \
--hostname=hostname \
--port=2222 \
--webconsole-user=Administrator \
--webconsole-password=password \
--webconsole-port=2223
  1. Run the installer script.
sudo sh agent_installer.sh
  1. When prompted, press y to accept the certificate.

  2. Verify that the ESET Management Agent service is running.
sudo systemctl status eraagent
  1. Open the ESET PROTECT Web Console and log in as Administrator. If the Computers section contains your server machine, the Agent is installed successfully.

VIII. Optional: Remove redundant files

  1. After the components installation is finished successfully, remove the installers and scripts.
rm -rf agent_installer.sh
rm -rf agent-linux-x86_64.sh
rm -rf era.war
rm -rf server_installer.sh
rm -rf server-linux-x86_64.sh
rm -rf libmysqlclient21_8.0.23-1debian10_amd64.deb
rm -rf libmysqlclient-dev_8.0.23-1debian10_amd64.deb
rm -rf mysql-client_8.0.23-1debian10_amd64.deb
rm -rf mysql-common_8.0.23-1debian10_amd64.deb
rm -rf mysql-community-client_8.0.23-1debian10_amd64.deb
rm -rf mysql-community-client-core_8.0.23-1debian10_amd64.deb
rm -rf mysql-community-client-plugins_8.0.23-1debian10_amd64.deb
rm -rf mysql-community-server_8.0.23-1debian10_amd64.deb
rm -rf mysql-community-server-core_8.0.23-1debian10_amd64.deb
rm -rf mysql-community-server-debug_8.0.23-1debian10_amd64.deb
rm -rf mysql-community-test_8.0.23-1debian10_amd64.deb
rm -rf mysql-community-test-debug_8.0.23-1debian10_amd64.deb
rm -rf mysql-connector-odbc-8.0.17-linux-debian10-x86-64bit
rm -rf mysql-connector-odbc-8.0.17-linux-debian10-x86-64bit.tar
rm -rf mysql-server_8.0.23-1debian10_amd64.deb
rm -rf mysql-server_8.0.23-1debian10_amd64.deb-bundle.tar
rm -rf mysql-testsuite_8.0.23-1debian10_amd64.deb