Keeper Connection Manager can be installed using one of three methods: An automated Docker Install, a Docker Compose Install, and Advanced Linux Install. The automated Docker Install is the recommended method of installation and the one that will be covered in this video.

For the Auto Docker Install method, we support any version of Linux.

A couple notes before starting the install.

If you are using CentOS, Red Hat, or Ubuntu (as demonstrated here) install the haveged package to ensure that the environment is capable of generating enough entropy for creating secure random numbers. On Ubuntu, run the following command:

sudo apt-get install haveged

For CentOS and Redhat, haveged must be explicitly started and enabled using the following commands:

sudo systemctl start haveged
sudo systemctl enable haveged

Next, we get the installer. From the Linux command line, download the installer script using the following command.

wget https://keepersecurity.com/kcm/kcm-setup.run

A certificate is needed to ensure the portal is using HTTPS. To make things simpler, the installer can use Let’s Encrypt to generate the SSL certificate for the gateway. Also, you need to open HTTP port 80 and HTTPS port 443 to the service at least during the install process. The Lets Encrypt servers will attempt to reach the instance and it will fail the installation if there is no network connectivity. Here are the commands:

sudo ufw allow 80
sudo ufw allow 443

Next, we add execute permissions to the the installer and run the command with root permissions using sudo:

sudo chmod +x kcm-setup.run
sudo./kcm-setup.run

During the install, accept the EULA, and you will be prompted on whether or not you have SSL termination available on this server. If you respond N for no, you will be asked to enter your server’s public, fully-qualified domain name and then select how you would like the SSL termination to be configured.

Once the installation is completed, an admin login and password is created for you. Make sure to store this in your Keeper vault, as it will not be provided again later. Now that the installation is complete, you should be able to load up the Keeper Connection Manager login screen by visiting the hostname specified in the setup wizard.

Assuming you used Keeper to store the password, you'll be able to immediately login as the guacadmin default user.