Product Documentation

Install StrongKey software stack on the New Node using the standalone instructions.

  1. Log into the appliance as root user.
  2. Start a shell window.
  3. Create skfs-v4-xx-x directory and change directory to /usr/local/software/skfs-v4-xx-x:
    shell> cd /usr/local/software/skfs-v4-xx-x
  4. Download the same binary distribution as present on the other nodes and extract the distribution to the directory:
    shell> tar zxvf fido2server-v4.xx.x-dist.tgz -C skfs-v4-xx-x
  5. Using a text editor (gedit or vi), edit the install-skfs.sh script to customize FQDNs, passwords, etc.

    https://demo4.strongkey.com/getstarted/assets/documents/HTML/images/key_strong_cyan.pngNOTE: All parameters must be identical to those chosen for other nodes in the cluster.

  6. Run the install-skfs.sh script:
    shell> ./install-skfs.sh
  7. Modify the firewall configuration to open ports 7001, 7002, and 7003 to accept connections between just the FIDO2 servers to enable multi-way replication. Run the following command once for each cluster node's IP address (substituting for ).

    Do not execute this command for the IP address of the cluster node on which you are executing the command itself. It is not necessary to open the node's ports on the firewall for itself, since the replication module in SKFS does not need to replicate to itself.

    shell> firewall-cmd --permanent --add-rich-rule 'rule family="ipv4" source address='<ip-target-fidoserver>' port port=7001-7003 protocol=tcp accept' 
    
    shell> systemctl restart firewalld
    
  8. Log out as root.