Linux Nodes

Overview #

This guide describes how to install a StrongDM node (gateway or relay) on Linux.

Steps #

1. Log in to the StrongDM Admin UI.
2. Go to Networking > Gateways and click Add gateway, or go to Networking > Relays and click Add relay.

3. For Name, enter a display name for the gateway or relay.

4. For a gateway, for Advertised Host, define the advertised host for the server (for example, sdm-gw0.yourcompany.com, or 111.222.333.444). It must be an IP or hostname accessible to your StrongDM clients. Additionally, for Advertised Port, enter the port that you left open for the gateway to interact with StrongDM clients (by default, 5000).

   If you change the advertised port, verify whether or not you also need to change the bind port. The bind port is set from the Advanced option upon gateway creation.

5. Click Create gateway or Create relay. A token is generated that is only shown to you one time that you’ll need to use later in the installation process. Carefully copy the token and save it somewhere for later use.

6. Log in to the server you created to host your node.

7. Download the StrongDM binary:

   curl -J -O -L https://app.strongdm.com/releases/cli/linux
   

8. Unzip it (if this is a new server, you may need to install a package to unzip archives, such as with sudo apt-get install unzip on Ubuntu distributions):

   unzip sdmcli_VERSION_NUMBER_linux_amd64.zip
   

9. Install the node:

   sudo ./sdm install --relay
   

   sudo ./sdm install --app-domain app.uk.strongdm.com --relay
   

   sudo ./sdm install --app-domain app.eu.strongdm.com --relay
   

   You will be prompted for the token you generated in the Admin UI; paste it in and hit enter. Note that the token won’t show in the terminal for security purposes, similar to the masking of a password.

   The installer must be run by a user that exists in the /etc/passwd file. Any users remotely authenticated, such as with LDAP or an SSO service, may fail to complete the installation.

10. In the Admin UI, go back to Networking > Gateways or Networking > Relays to check the status of your node.

The node you created should appear to be online and have a heartbeat. If it doesn’t appear online, perform a hard refresh of your browser. Within a couple of minutes, if it is still not online, verify that the StrongDM daemon is running by running ps aux|grep sdm on the server and looking for a line that says sdm relay.