USP Client Installation
This guide details the steps required to install the USP Client on Debian-based and RHEL-based systems using the provided .deb and .rpm packages.
Prerequisites
- Root access.
- Two sets of public and private key pairs, used for authentication between the USP Client and the USP Server.
For detailed instructions on how to generate the required SSH key pairs for client authentication and tunnel host verification, refer to Generating SSH Keys for USP Tunnels.
Installation
- RHEL-Based Systems (e.g., CentOS, Fedora)
- Debian-Based Systems (e.g., Ubuntu)
1. Download the .rpm package
To obtain the installation package, contact your Stonebranch representative. If you do not have a representative, reach out to support@stonebranch.com.
2. Install the package
Use the following command to install the package:
sudo rpm -ivh usp-client_{VERSION}_linux_amd64.rpm
Replace {VERSION} with the version of USP you are installing (e.g., 1.0).
3. Confirm creation of config and env files
The USP Client utilizes a configuration file located at /opt/udmg/etc/usp-client.hcl. Additionally, the systemctl unit loads environment variables from a file located at /opt/udmg/etc/usp-client.env.
Verify that these files have been created correctly by running the following commands:
cd /opt/udmg/etc/
ls
4. Set the USP Client's configuration file
Edit the /opt/udmg/etc/usp-client.hcl file by opening it in a text editor. For example:
vi usp-client.hcl
All files that are going to be used by USP Manager need to be owned by the appropiate user and group (udmg). For more information, refer to File Ownership and Permissions.
Set the following arguments in the USP Client Configuration File:
# Unique identifier for this USP Client instance.
# Must match exactly the Name field defined in the corresponding Proxy Client configuration.
# Info note below links to more details.
name = "usp-client-1"
# Absolute path to the USP Client's private key used for authentication with the USP Server.
# Counterpart Public Key is in the Proxy Client's Public Key field.
key = "/opt/udmg/etc/ssh_keys/usp-client-1-key" # Use this if you followed the Generating SSH Keys for USP Tunnels guide.
tunnel {
# The hostname or IP address of the USP Server where this USP Client matching Tunnel is running.
host = ""
# The port where this USP Client matching Tunnel is listening.
# It must match the Port field defined in the corresponding Tunnel configuration.
port = ""
# Absolute path to the public key used to validate the USP Server's private key.
# Counterpart Private Key is in the Tunnel's Private Key field.
host_key = "/opt/udmg/etc/ssh_keys/usp-tunnel-key.pub." # Use this if you followed the Generating SSH Keys for USP Tunnels guide
}
log {
# (Optional) Recommended for troubleshooting.
# Specify a file path to write logs to a dedicated log file.
path = "/var/opt/udmg/usp-client.log"
}
For more context on how the name value is used, see Proxy Clients.
For a complete list of available configuration parameters, refer to USP Client Configuration File.
5. Start the USP Client systemd service
Once the required configuration values have been configured, start the service using the following command:
sudo systemctl start usp-client
6. Verify installation
Verify that the service is running by executing the following command:
sudo systemctl status usp-client
If you encounter any issues, refer to Troubleshooting, where we cover the most commonly encountered issues.
1. Download the .deb package
To obtain the installation package, contact your Stonebranch representative. If you do not have a representative, reach out to support@stonebranch.com.
2. Install the package
Use the following command to install the package:
sudo dpkg -i usp-client_{VERSION}_linux_amd64.deb
Replace {VERSION} with the version of USP you are installing (e.g., 1.0).
3. Confirm creation of config and env files
The USP Client utilizes a configuration file located at /opt/udmg/etc/usp-client.hcl. Additionally, the systemctl unit loads environment variables from a file located at /opt/udmg/etc/usp-client.env.
Verify that these files have been created correctly by running the following commands:
cd /opt/udmg/etc/
ls
4. Set the USP Client's configuration file
Edit the /opt/udmg/etc/usp-client.hcl file by opening it in a text editor. For example:
vi usp-client.hcl
All files that are going to be used by USP Manager need to be owned by the appropiate user and group (udmg). For more information, refer to File Ownership and Permissions.
Set the following arguments in the USP Client Configuration File:
# Unique identifier for this USP Client instance.
# Must match exactly the Name field defined in the corresponding Proxy Client configuration.
# Info note below links to more details.
name = "usp-client-1"
# Absolute path to the USP Client's private key used for authentication with the USP Server.
# Counterpart Public Key is in the Proxy Client's Public Key field.
key = "/opt/udmg/etc/ssh_keys/usp-client-1-key" # Use this if you followed the Generating SSH Keys for USP Tunnels guide.
tunnel {
# The hostname or IP address of the USP Server where this USP Client matching Tunnel is running.
host = ""
# The port where this USP Client matching Tunnel is listening.
# It must match the Port field defined in the corresponding Tunnel configuration.
port = ""
# Absolute path to the public key used to validate the USP Server's private key.
# Counterpart Private Key is in the Tunnel's Private Key field.
host_key = "/opt/udmg/etc/ssh_keys/usp-tunnel-key.pub." # Use this if you followed the Generating SSH Keys for USP Tunnels guide
}
log {
# (Optional) Recommended for troubleshooting.
# Specify a file path to write logs to a dedicated log file.
path = "/var/opt/udmg/usp-client.log"
}
For more context on how the name value is used, see Proxy Clients.
For a complete list of available configuration parameters, refer to USP Client Configuration File.
5. Start the USP Client systemd service
Once the required configuration values have been configured, start the service using the following command:
sudo systemctl start usp-client
6. Verify installation
Verify that the service is running by executing the following command:
sudo systemctl status usp-client
If you encounter any issues, refer to Troubleshooting, where we cover the most commonly encountered issues.