HOW TO: Install PGP Whole Disk Encryption for Linux

Article:HOWTO42122  |  Created: 2010-01-14  |  Updated: 2014-05-12  |  Article URL http://www.symantec.com/docs/HOWTO42122
Article Type
How To


Environment



Beginning with PGP Desktop 10.0, PGP Whole Disk Encryption is supported on Linux. PGP Whole Disk Encryption (currently Symantec Encryption Desktop Whole Disk Encryption) for Linux locks down the entire contents of your Linux system using PGP Whole Disk Encryption (WDE) technology.



This article details how to install and configure Symantec Encryption Desktop Whole Disk Encryption (formerly PGP Whole Disk Encryption) for Linux.

To install Whole Disk Encryption for Linux:

PLEASE NOTE: dkms, fakeroot and other packages may be installed during WDE installation process if respective package is missing from system prior install.

 

  1. Download the appropriate installer from FileConnect or your Symantec Encryption Management Server (Formerly PGP Universal Server). To download installer from your Symantec Encryption Management Server go to the Consumers tab when logged in to Web-Interface of SEMS and click the Download Client button. Choose either Linux 32-bit or Linux 64-bit as then select platform of your Linux distribution. To identify platform type of your Linux distribution, please execute uname -i command in the terminal of your Linux system. As of this writing, the latest version of PGP Desktop, 10.3.2 MP1 build 15337, supports the following distributions:
    • Ubuntu 12.04 LTS, 12.04.1 LTS, 12.04.2 LTS, 12.04.3 LTS; (32-bit and 64-bit versions)
    • Red Hat Enterprise Linux/CentOS 5.7, 5.8, 5.9, 5.10, 6.0, 6.1, 6.2, 6.3, 6.4; (32-bit and 64-bit versions)
  2. For your Linux distribution, run the following command in the appropriate directory replacing XXXXX with the appropriate build number from the downloaded installer and replacing YYYYYY with platform type of your Linux system:
    • Ubuntu 12.04: sudo bash pgp_desktop_10.3.2.XXXXX_linux_ub12.04_YYYYYY.bsx
    • Red Hat Enterprise Linux/CentOS: su -l -c 'bash pgp_desktop_10.3.2_XXXXX_linux_el5_YYYYYY.bsx'
  3. Read and accept the license agreement. After installation completes, you are prompted to restart your computer.
  4. Restart the computer.

Please note that only certain kernels are supported, therefore installation of WDE may fail when unsupported kernel is being used. For example the kernel module for Ubunty release 12.04.3 LTS will be installed successfully on kernel 3.8.0-29-generic. To identify what kernel version you currently running under Linux distribution use command uname -r

License Authorization for standalone users of Linux:

  1. Start terminal command line.
  2. Type 'pgpwde --license-authorize --license-name "<USER_NAME>" --license-organization "<ORGANIZATION>" --license-number <LICENSE KEY>'
  3. Press Enter.

Configuring a Managed Client on Linux:

  1. From a terminal, as privileged user run 'pgpconfigure "ovid=<server>&mail=*&admin=1' command, replacing <server> with the FQDN or IP address of your Symantec Encryption Management Server.
  2. Restart the computer
  3. From a terminal, run 'pgpenroll --enroll' command using regular user account.
  4. When prompted for the username and password provide credentials of a valid user.

Encrypting a Drive

For most users, the following command will instrument the drive, add a user (replace <username> and <userpassword> with your credentials), and start the encryption process:

pgpwde --secure --disk 0 --user "<username>" -p '<userpassword>' --all --fast

Please consult the User's Guide for additional information: http://www.symantec.com/docs/DOC7119 




Legacy ID



1878


Article URL http://www.symantec.com/docs/HOWTO42122


Terms of use for this information are found in Legal Notices